2595211b261f2117e9021b3491927231

Sharing

Copy URL Twitter E-mail

General

Target

2595211b261f2117e9021b3491927231
Size

127KB
MD5

2595211b261f2117e9021b3491927231
SHA1

9b224cd4194a90a732fe7f09564c43a1be2f0b4b
SHA256

7bf09c289db76f2ccf3b3a2a5de9b185f6d2a8f6723f8113c58e55d95e7e3b7c
SHA512

8d8118e04be4b79a5441651123c03b91604b2837ae8b3cd4f78c59f21f9a8f7b443b3c28358451d6cce04b48457d239c72927a54f1d18fba3770a6dfc2d9cba1
SSDEEP

3072:HKdc4PQKbivyB0XcqiEnCZutXwXTe6JM5pvYq5QsEvqXMixw:HKdcsDiyB0Xc3EnCZDhU96b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2595211b261f2117e9021b3491927231

Files

2595211b261f2117e9021b3491927231
.exe windows:4 windows x86 arch:x86

722dce3b1d445549b4e361263355f73d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EraseTape
ReleaseSemaphore
GlobalUnWire
GetLastError
SetVolumeMountPointW
BuildCommDCBAndTimeoutsW
SetProcessShutdownParameters
BuildCommDCBAndTimeoutsA
CallNamedPipeA
GetVolumePathNameA
WaitForSingleObject
GetModuleHandleA
CreateTimerQueue
FindFirstVolumeW
SetEvent
SetupComm
GlobalMemoryStatusEx
WaitForDebugEvent
WriteConsoleOutputCharacterW
GetLocaleInfoW
GetSystemDirectoryW
SetFileApisToOEM
BindIoCompletionCallback
SetFileAttributesA
ReadFileEx
SetConsoleCursorMode
GetCurrentDirectoryW

msvcrt

_getsystime
??0bad_typeid@@QAE@PBD@Z
_mbsdec
_wtmpnam
_abnormal_termination
_mbscspn
log10
__STRINGTOLD
??0exception@@QAE@ABV0@@Z
_XcptFilter
_strnicoll
_getdrives
_access
_setmaxstdio
_strtime
_atodbl
_ui64tow
__p__dstbias
?raw_name@type_info@@QBEPBDXZ
_chdir
_clearfp
_purecall
_stat64
_setjmp3
??_7bad_cast@@6B@

gdi32

EnableEUDC
Arc
EngFindResource
GdiGetPageCount
XLATEOBJ_iXlate
SaveDC
PATHOBJ_vEnumStartClipLines
DeleteColorSpace
SetAbortProc
GdiConvertDC
PolyDraw
SelectClipPath
GetDeviceGammaRamp
SetBitmapBits
GdiEntry2
EngStrokeAndFillPath
GetFontUnicodeRanges
GetWindowOrgEx
SetStretchBltMode
GdiConvertRegion
CLIPOBJ_cEnumStart
CopyMetaFileW
EnumEnhMetaFile
GetViewportExtEx
EngDeleteClip
GdiEntry7

user32

LoadCursorW
AnimateWindow
ReuseDDElParam
ScrollWindow
GetCapture
GetKeyboardLayoutList
DlgDirListComboBoxA
BroadcastSystemMessage
GetLastActivePopup
ChildWindowFromPoint
GetInternalWindowPos
ToAsciiEx
DdeGetLastError
ToUnicode
InvalidateRgn
DrawAnimatedRects
EnumThreadWindows
RegisterClassA
SetWindowTextA
EnumDisplaySettingsW
FindWindowExW
LoadRemoteFonts
User32InitializeImmEntryTable
SetFocus
FindWindowW
EndMenu
GetCaretPos

shlwapi

PathFileExistsW
PathAddExtensionW
StrFormatKBSizeW
PathFindSuffixArrayA
PathCompactPathW
PathParseIconLocationW
PathIsUNCServerW
PathMatchSpecW
SHOpenRegStreamW
PathMakePrettyW
PathIsSystemFolderW
PathIsRelativeA
SHSetValueW
PathAddExtensionA
PathFileExistsA
PathIsSameRootW
SHRegEnumUSValueW
SHRegDeleteUSValueA
PathIsRootW
PathUnExpandEnvStringsA
SHDeleteValueW
PathIsUNCServerA
PathIsNetworkPathA
PathIsDirectoryW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

722dce3b1d445549b4e361263355f73d

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

shlwapi

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 116KB - Virtual size: 116KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 116KB - Virtual size: 116KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 20B