0519fbc271e4ad082b4e071d07b5a266

Sharing

Copy URL Twitter E-mail

General

Target

0519fbc271e4ad082b4e071d07b5a266
Size

1.3MB
MD5

0519fbc271e4ad082b4e071d07b5a266
SHA1

072b9c4ffd9243a34b4886df485ecdb23714d93e
SHA256

f6ac68823fbc2a76256b4ec6511d85191c09166c7c0fbfb21a0c0c5a8cdbdfa9
SHA512

f17267a545b24db90ed3ea2b47411cb6d81871f1e426e6c23810325517a5e3929164008914166acab3cb5968a68fd19719043402ac906c3236cd476224120fe5
SSDEEP

12288:A1r5gGxqbR1oXE9Ud8R8HEsQtKqbqsrzRy6:AVqbR1oXE9UaR8HEs0KKXR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0519fbc271e4ad082b4e071d07b5a266

Files

0519fbc271e4ad082b4e071d07b5a266
.exe windows:4 windows x64 arch:x64

0e700ff837d78ea10a6bbadb6f46b229

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

memset
memmove
wprintf
strcpy
strcat
strlen
_itoa
sprintf
realloc
memcpy
wcslen
qsort
exit
strerror
__iob_func
fflush
_write
malloc
calloc
free
_get_osfhandle
atexit
setbuf
memcmp
getchar
_wgetenv
_putenv
_environ
_close
_read
_open
_errno
_fdopen
fwrite
fputs
_fseeki64
fread
feof
ferror
getc
ftell
fseek
fclose
rewind
_chsize_s
_wstat64
_wrename
_wfopen
_fileno
_wpopen
_pclose
_wsystem
_waccess
_wremove
_wchdir
_wgetcwd
_chmod
_execvp
_execve
_getpid
signal
_snprintf
sscanf
_utime64
_localtime64
_mkgmtime64
_time64
_stat64
vfprintf
strchr
strstr
longjmp
fprintf
__argc
__wargv
_wenviron
_XcptFilter
__set_app_type
_controlfp
__wgetmainargs

crypt32

CertFreeCertificateContext
CertCloseStore
CertOpenSystemStoreW
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertFindChainInStore

ws2_32

closesocket
socket
WSAGetLastError
WSAConnectByNameW
send
recv
htons
inet_ntop
ntohs
getaddrinfo
freeaddrinfo
getsockname
shutdown
select
__WSAFDIsSet
WSAStartup
getpeername
bind
listen
accept
ioctlsocket
setsockopt
connect
getsockopt
sendto
recvfrom

secur32

InitSecurityInterfaceW

kernel32

GetLastError
LocalAlloc
LocalFree
SetConsoleOutputCP
GetConsoleMode
GetConsoleOutputCP
GetStdHandle
SetConsoleMode
AddVectoredExceptionHandler
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
CopyFileW
RemoveDirectoryW
ReadConsoleW
ReadFile
GetModuleFileNameW
GetFileAttributesW
CreateFileW
GetFinalPathNameByHandleW
CloseHandle
GetFullPathNameW
FindFirstFileW
FindClose
FindNextFileW
CreateDirectoryW
CreatePipe
SetHandleInformation
ExpandEnvironmentStringsW
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
CreateSymbolicLinkW
CreateHardLinkW
IsDebuggerPresent
GetComputerNameW
GetModuleHandleA
GetProcAddress
TerminateProcess
GenerateConsoleCtrlEvent
Sleep
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
FileTimeToSystemTime
SetUnhandledExceptionFilter

user32

wsprintfW

advapi32

GetUserNameW

Exports

Exports

__bt_init
tcc_backtrace

Sections

.text
Size: 742KB - Virtual size: 741KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.stab
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.stabstr
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e700ff837d78ea10a6bbadb6f46b229

Headers

File Characteristics

Imports

msvcrt

crypt32

ws2_32

secur32

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 742KB - Virtual size: 741KB

.data Size: 28KB - Virtual size: 30KB

.pdata Size: 14KB - Virtual size: 14KB

.stab Size: 348KB - Virtual size: 348KB

.stabstr Size: 216KB - Virtual size: 215KB

.text
Size: 742KB - Virtual size: 741KB

.data
Size: 28KB - Virtual size: 30KB

.pdata
Size: 14KB - Virtual size: 14KB

.stab
Size: 348KB - Virtual size: 348KB

.stabstr
Size: 216KB - Virtual size: 215KB