67dfb26d1a5171ed6a53e2b0fc0b8164

Sharing

Copy URL Twitter E-mail

General

Target

67dfb26d1a5171ed6a53e2b0fc0b8164
Size

18KB
MD5

67dfb26d1a5171ed6a53e2b0fc0b8164
SHA1

f1c3c02e071eb101c8c05e0e9834fbd1bf77cf6b
SHA256

791628fba78251a2dbb9ed5d70cef8882f302888f82fb78aa1c15d97558f9e8c
SHA512

476b4e2f88a97e29685afc1a6f9ddc313109259ccad142ce3d4c83fedf8f4fddc9359cbbc7595b45f56c57aee2b35db55036bcc9a4073ffe5b364d8afa732d54
SSDEEP

384:blcVypXhG4D6Sh+E0Qgx6Jzhhewo8ZILzwvWRHoYPZQls:dhGs6Sh+ggx6JXeLPzw+BBQls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67dfb26d1a5171ed6a53e2b0fc0b8164

Files

67dfb26d1a5171ed6a53e2b0fc0b8164
.exe windows:4 windows x86 arch:x86

5d6b7640fa82b3ba38cdfeeded26763a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
SetInformationJobObject
GetProcessIoCounters
IsSystemResumeAutomatic
GetDiskFreeSpaceExA
GetVersionExA
LZCloseFile
DeleteTimerQueue
GetConsoleTitleA
ReadConsoleOutputCharacterA
_hread
SetConsoleCursorMode
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
OpenJobObjectA
GetSystemDirectoryA
RemoveDirectoryA
VirtualQueryEx
GetDiskFreeSpaceA
GetProcessAffinityMask
UnlockFile
GetCurrencyFormatA
FillConsoleOutputCharacterA
UnlockFileEx
GetConsoleWindow
GetTempPathA
LocalFileTimeToFileTime
lstrcpynA
MoveFileExA
GetStartupInfoA
GetDriveTypeA
FlushFileBuffers
GetFullPathNameA
ClearCommBreak
GetVolumePathNameA
GetFileType
GetSystemTimes
HeapSummary
lstrcmpA
ReplaceFileA
WritePrivateProfileStructA
WriteConsoleInputA
GetTickCount
SetLocalPrimaryComputerNameA
RaiseException
GetProcessWorkingSetSize
lstrcpyA
GetNativeSystemInfo
GlobalFix
GetThreadPriorityBoost
GetCommModemStatus
HeapDestroy
SetMailslotInfo
WriteFileEx
SetFileAttributesA
GetStringTypeExW
SetFileAttributesA
Heap32First
OpenEventA
GetFileAttributesA
GetCurrentDirectoryA
GetExpandedNameA
SetConsoleMode
CreatePipe
OpenWaitableTimerA
WriteConsoleOutputA
MapUserPhysicalPages
ReadConsoleOutputAttribute
MoveFileA
OpenFileMappingA
SetConsoleHardwareState
TermsrvAppInstallMode
GetConsoleFontSize
CreateFileMappingW
GetComputerNameA
GetShortPathNameA
GetConsoleTitleA
LoadLibraryExA
GetModuleFileNameA
VirtualProtectEx
CreateDirectoryA
GetThreadContext
DisconnectNamedPipe
GetModuleFileNameA
GetDefaultCommConfigA
CloseHandle
Process32First
ExpungeConsoleCommandHistoryA
SetFirmwareEnvironmentVariableA
GetCurrentProcess
EndUpdateResourceA
GetExitCodeProcess
WriteConsoleOutputA
GetSystemInfo
GetSystemWindowsDirectoryA
SetTimerQueueTimer
GlobalMemoryStatusEx
EnumTimeFormatsA
GetConsoleAliasesLengthA
LocalSize
HeapSetInformation
VirtualAllocEx
GetCurrentDirectoryA
GetProcessTimes
ReleaseSemaphore
GetProcessHeaps
SetComputerNameExA
GetLastError

winfax

FaxEnumJobsA

Exports

Exports

Ggslfnwxb
Obaitguvh
WriteIudbyvta
WriteTavsuvjyoe

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d6b7640fa82b3ba38cdfeeded26763a

Headers

File Characteristics

Imports

kernel32

winfax

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.idata Size: 3KB - Virtual size: 3KB

.edata Size: 3KB - Virtual size: 10KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 7KB - Virtual size: 7KB

.idata
Size: 3KB - Virtual size: 3KB

.edata
Size: 3KB - Virtual size: 10KB

.rsrc
Size: 3KB - Virtual size: 2KB