2279819b14ab3fa06c75e5c7c47a14a9

Sharing

Copy URL

Twitter E-mail

General

Target

2279819b14ab3fa06c75e5c7c47a14a9
Size

136KB
MD5

2279819b14ab3fa06c75e5c7c47a14a9
SHA1

36ed0fbd66a3f832695c615b4a17b2d93d12ff5d
SHA256

0743940a16bdcd84e324a486fe137548a7eaeeac94fdf79cdb55f6d6a7215f48
SHA512

999a2526fa51c8f1b9e70c1b31ad135faa7da992283f3b642648753ca0ce9cb6b7f2afe742bb059b96c5c8e92cb78ca3994aa9b68c65bd261e89f746501da06f
SSDEEP

3072:SwPFREmsG+zLDYSoNC6+SPj9brcTrWoc6KQ+Cx:zwmiDaN+SBbYHc6KpCx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2279819b14ab3fa06c75e5c7c47a14a9

Files

2279819b14ab3fa06c75e5c7c47a14a9
.exe windows:5 windows x86 arch:x86

ddcdb287f58e4c2d4daeb5af94b22b5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup

kernel32

MapViewOfFile
UnmapViewOfFile
GetModuleHandleW
VirtualFree
WriteFile
Sleep
CopyFileW
ReadFile
GetModuleFileNameW
CreateFileW
lstrlenW
GetLastError
GetProcAddress
VirtualAlloc
CreateFileMappingW
lstrcmpiW
OpenFileMappingW
CloseHandle
ExitProcess
GetCommandLineW
GetTempFileNameW
CreateProcessW
LoadLibraryW
GetSystemWow64DirectoryW
lstrcmpW
GetTempPathW
lstrcpyW
CreateThread
GetEnvironmentVariableW
lstrlenA
GetDriveTypeW
MoveFileExW
SleepEx
GetFileSize
lstrcatW
WinExec
GetVersion
GetSystemTime
FreeLibrary
HeapAlloc
HeapFree
GetProcessHeap
IsBadReadPtr
LoadLibraryA
VirtualProtect
GetStringTypeW
MultiByteToWideChar
LCMapStringW
IsProcessorFeaturePresent
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetSystemTimeAsFileTime
WideCharToMultiByte
HeapSetInformation
GetStartupInfoW
GetCurrentThreadId
DecodePointer
GetCommandLineA
GetLogicalDrives
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

user32

wsprintfW
keybd_event
GetClassNameA
VkKeyScanW
SetTimer
PostQuitMessage
PostMessageW
SetForegroundWindow
DialogBoxParamW
GetForegroundWindow
GetWindowTextW
EndDialog
GetCursorPos
EnumChildWindows
ShowWindow
SendMessageW
CallNextHookEx
TrackPopupMenu

advapi32

RegQueryValueExW
RegOpenKeyW

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddcdb287f58e4c2d4daeb5af94b22b5b

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 5KB - Virtual size: 15KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 5KB - Virtual size: 15KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 3KB