106bd395cb23d8b7dbab2ee9a46914d1

Sharing

Copy URL Twitter E-mail

General

Target

106bd395cb23d8b7dbab2ee9a46914d1
Size

145KB
MD5

106bd395cb23d8b7dbab2ee9a46914d1
SHA1

4878592b7135279903372950e17cd8057c58e353
SHA256

200e71cceab5320857dbd82dadfe33f19bb384d2d3a7418e2551e29e43920698
SHA512

8331ce77f1ff956b6f07cf248565441a370cc6fa18c8f20270fb00f7d839de4017373d4baee1c97570d4b6d0e212c4cfb5dd92427b7e1f6c3e445e07740f050a
SSDEEP

1536:0+OLGC1PEaq9eKOx16jefhEmPRv/T/AMzyFEU3yWi5UZzfTk9BnqH7qQ:mDEaqsKOxEjeJEmPBAMzztizLk9obqQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
106bd395cb23d8b7dbab2ee9a46914d1

Files

106bd395cb23d8b7dbab2ee9a46914d1
.exe windows:1 windows x86 arch:x86

a31274201b3afa3b9665609543582fb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
FreeEnvironmentStringsW
GetCurrentDirectoryA
GetACP
GetStartupInfoA
GetLastError
GlobalReAlloc
ExpandEnvironmentStringsA
GlobalAddAtomA
FormatMessageA
VirtualFree
SizeofResource
LoadLibraryA
ExitProcess
GetCurrentProcessId
GetSystemInfo
FileTimeToLocalFileTime
EnterCriticalSection
GetExitCodeThread
WriteConsoleW
GetDateFormatA
QueryPerformanceCounter
DeviceIoControl
ExitThread
GetStringTypeW
QueryPerformanceFrequency
CreateToolhelp32Snapshot
lstrlenA
GetEnvironmentStrings
SetFilePointer
FindFirstFileA
CreateThread
SetThreadAffinityMask
ResetEvent
InterlockedDecrement
Module32Next
RaiseException
lstrcmpiA
CreateFileMappingA
CreateEventA
HeapAlloc
WriteConsoleA
FreeEnvironmentStringsA
GetConsoleOutputCP
SetEvent
GetModuleFileNameA
FlushFileBuffers
MulDiv
FindClose
lstrcmpA
HeapCreate
CreateProcessA
FreeLibrary
Module32First
TlsSetValue
lstrcpyA
GetProcessAffinityMask
UnmapViewOfFile
GetEnvironmentVariableA
TerminateProcess
GetConsoleMode
GetVersion
IsBadReadPtr
OpenEventA
InterlockedExchange
GetModuleHandleA
GetOEMCP
FileTimeToSystemTime
OpenProcess
GetCommandLineW
SetStdHandle
SetLastError
IsDebuggerPresent
GetEnvironmentStringsW
FindResourceA
VirtualAlloc
PulseEvent
GetSystemTimeAsFileTime
GetProcessHeap
RtlUnwind

msvcrt

_wcsdup
wcscoll
memcpy
strncmp
__p__commode
_mbsrchr
_fgetchar
_strtoi64
_acmdln
labs
iswspace
_ismbclegal
wcspbrk
_ismbbkalnum
_initterm
_sys_nerr
_mbctoupper
_wcstoui64
_chdir
_adjust_fdiv
_wgetenv
_mbspbrk
modf
_mbstok
_except_handler3
_eof
_wexecle
_fileinfo
strtol
strcspn
_controlfp
_aligned_malloc
wcschr
_mbsnicoll
_wfdopen
_aexit_rtn
_fgetwchar
_mbsicoll
_findfirst64
iswprint
putwc
_mbbtype
_commit
_XcptFilter
_getws
strcpy
fgets
_fstat64
mblen
_mbscmp
_mbsnccnt
fscanf
_vscwprintf
_get_heap_handle
wcsncmp
_mbsset
_setmode
strtoul
_beep
_ismbclower
mbstowcs
_winminor
strchr
bsearch
_wchdir
_tell
_ismbcsymbol
_wstrdate
_ftime64
__p__fmode
atexit
fgetws
log10
fseek
_adj_fdivr_m16i
_fullpath
_utime
_wrename
iswctype
_time64
_mbcasemap
_tzset
__setusermatherr
_wpgmptr
_exit
fread
_itoa
_safe_fdivr
_fstat
swscanf
_strncoll
iswascii
__set_app_type
_wfindfirst64
_tolower
_atoi64
__getmainargs
isalnum
exit
_ltoa
wcsrchr
iswgraph
signal
_wstat64
_getdrives

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a31274201b3afa3b9665609543582fb4

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 130KB - Virtual size: 129KB

.data Size: 512B - Virtual size: 85B

.rsrc Size: 512B - Virtual size: 284B

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 130KB - Virtual size: 129KB

.data
Size: 512B - Virtual size: 85B

.rsrc
Size: 512B - Virtual size: 284B