7645093fc0e22fd42b38640c9e7b1acb

Sharing

Copy URL Twitter E-mail

General

Target

7645093fc0e22fd42b38640c9e7b1acb
Size

991KB
MD5

7645093fc0e22fd42b38640c9e7b1acb
SHA1

475a1699a95a3db9f3975d570b8d496e198fff76
SHA256

8e13aa72f469e1331633cdb6c7a857d1e7d9eaad00062982833cb0fb2e47b9cd
SHA512

25d1125c53c342788773eaed1a0a7c5fac0a930e5f9bce13855706d4b163a41ebc3dc7f50c2c9419b276bea4411202ce424d30edae70668ca702c7ea3255560a
SSDEEP

12288:etdwo54K+EjPC3psMWLmLU+QoKpzoKKujAx+cbw0PIO3xKLfW0kYlz1:etdRPlmmFmLNbqrZy+dg+6Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7645093fc0e22fd42b38640c9e7b1acb

Files

7645093fc0e22fd42b38640c9e7b1acb
.exe windows:6 windows x64 arch:x64

b1cbccee3ccdeba01bfbf7d13c44db33

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetPhysicallyInstalledSystemMemory
SetConsoleScreenBufferSize
GetStdHandle
SetConsoleWindowInfo
FindNextFileA
InitializeCriticalSection
FindClose
GetCurrentDirectoryA
GetLastError
GetLargestConsoleWindowSize
QueryPerformanceFrequency
GetSystemInfo
HeapSetInformation
HeapAlloc
DeleteCriticalSection
GetConsoleScreenBufferInfo
GetConsoleWindow
QueryPerformanceCounter
CreateDirectoryW
GetLocalTime
ReadFile
CreateFileA
CloseHandle
SetFilePointerEx
HeapSize
Sleep
VirtualFree
VirtualAlloc
GetDiskFreeSpaceA
GetCurrentThread
SetThreadIdealProcessor
HeapFree
FindFirstFileA
LeaveCriticalSection
GetProcessHeap
EnterCriticalSection
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetFileSizeEx
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW
GetConsoleCP
FlushFileBuffers
GetTimeZoneInformation
ReadConsoleW
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
GetConsoleCursorInfo
GetFileType
DuplicateHandle
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentProcessId
GetVersion
GetTickCount
GetModuleHandleA
GetProcAddress
SetConsoleActiveScreenBuffer
GetConsoleMode
SetConsoleCtrlHandler
SetConsoleMode
CreateConsoleScreenBuffer
FlushConsoleInputBuffer
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
WriteConsoleOutputA
SetConsoleCursorPosition
WriteConsoleA
SetConsoleCursorInfo
WaitForSingleObjectEx
SwitchToThread
GetCurrentThreadId
GetExitCodeThread
GetNativeSystemInfo
TryEnterCriticalSection
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
EncodePointer
DecodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleFileNameW
LoadLibraryExW
GetVersionExW
VirtualProtect
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LoadLibraryW
WaitForSingleObject
RtlUnwindEx
RtlPcToFileHeader
RaiseException
ExitProcess
GetModuleHandleExW
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitThread
WriteFile
GetCommandLineA
GetCommandLineW
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc

user32

SetWindowLongW
GetMonitorInfoA
MonitorFromWindow
GetWindowRect
MapVirtualKeyA
GetKeyState
ShowScrollBar
GetWindowLongW
MoveWindow

ws2_32

WSAStartup
closesocket
WSAGetLastError
setsockopt
ioctlsocket
freeaddrinfo
inet_ntop
recv
connect
socket
send
getaddrinfo
listen
bind
accept
WSACleanup

urlmon

URLOpenBlockingStreamW

Sections

.text
Size: 553KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1cbccee3ccdeba01bfbf7d13c44db33

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

urlmon

Sections

.text Size: 553KB - Virtual size: 552KB

.rdata Size: 176KB - Virtual size: 175KB

.data Size: 16KB - Virtual size: 42KB

.pdata Size: 25KB - Virtual size: 24KB

.rsrc Size: 215KB - Virtual size: 214KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 553KB - Virtual size: 552KB

.rdata
Size: 176KB - Virtual size: 175KB

.data
Size: 16KB - Virtual size: 42KB

.pdata
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 215KB - Virtual size: 214KB

.reloc
Size: 5KB - Virtual size: 4KB