387eac0bd3eab0a7cfe14f1251bac770

Sharing

Copy URL

Twitter E-mail

General

Target

387eac0bd3eab0a7cfe14f1251bac770
Size

53KB
MD5

387eac0bd3eab0a7cfe14f1251bac770
SHA1

b441144ae61a3341f0c17b4a3faaf731418bb674
SHA256

40abdeff4b9811b623e454de407ca3ddf8efe5ad101e2601335c9275a3a1396c
SHA512

7cc9c29857958493aab587f2c77408fd6f025b1281de53e15afe2fdef351663a492a19b720eb3eed77d4e5137c85d8a03d9233ef19bcfcd5db059b22a00fa1ca
SSDEEP

1536:zId3r/BnnTyDYCDW2XqN2vWQCMWknLI4D4kny:sd3DBnTyDBDWeqodCMWkVxn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
387eac0bd3eab0a7cfe14f1251bac770

Files

387eac0bd3eab0a7cfe14f1251bac770
.exe windows:5 windows x86 arch:x86

055b19e2a9b8a05be7c5bc691f3b594a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
IsDBCSLeadByte
OpenEventW
lstrlenA
GetWindowsDirectoryA
CopyFileExA
SetConsoleHardwareState
CreateMutexW
GetProcessTimes
AddAtomA
GetLogicalDrives
QueryDosDeviceA
SetConsoleScreenBufferSize
InterlockedDecrement
AddVectoredExceptionHandler
ResetEvent
GetNumaHighestNodeNumber
SetConsoleCursor
ReleaseActCtx
LoadLibraryA
GetLocalTime
TermsrvAppInstallMode
GetConsoleInputExeNameA
WaitCommEvent
VDMOperationStarted
UpdateResourceW
ReadFileEx
LZSeek
SystemTimeToTzSpecificLocalTime
GetACP
DeleteFileA
GlobalMemoryStatus
SetDefaultCommConfigW
EnumSystemLanguageGroupsW
MapViewOfFile
SetComputerNameExW
WriteProfileStringA
GetDateFormatW
TransactNamedPipe
SetMessageWaitingIndicator
ConsoleMenuControl
EndUpdateResourceW
RegisterConsoleOS2
GetConsoleAliasW
FindResourceExA
GetStartupInfoA
GetExpandedNameA
_hwrite
VirtualAlloc
GetStartupInfoW
HeapLock
GetNumaAvailableMemoryNode
PeekConsoleInputA
RegisterWowExec
GetSystemDirectoryA
FindAtomA
FlushViewOfFile
ChangeTimerQueueTimer
GetCPInfoExW
GetDiskFreeSpaceExA
EnumCalendarInfoW
VerifyVersionInfoA
GetThreadContext

ntdll

RtlCreateUnicodeStringFromAsciiz
NtCloseObjectAuditAlarm
RtlAreAllAccessesGranted
RtlMapSecurityErrorToNtStatus
RtlSetSaclSecurityDescriptor
RtlMultiAppendUnicodeStringBuffer
strcat
LdrLoadDll
_allmul
NtSetLdtEntries
ZwQueryInformationProcess
ZwUnlockFile
RtlAddActionToRXact
NtSetQuotaInformationFile
ZwCreatePagingFile
RtlHashUnicodeString
NtCreateTimer
RtlIsActivationContextActive
RtlAnsiStringToUnicodeSize
ZwOpenObjectAuditAlarm
ZwDeleteFile
ZwReleaseSemaphore
NtNotifyChangeDirectoryFile
RtlFillMemoryUlong
RtlUpcaseUnicodeToMultiByteN
RtlAppendAsciizToString
RtlDestroyHandleTable
RtlPrefixString
RtlCopySid
RtlIsValidHandle
RtlExitUserThread

d3dxof

DirectXFileCreate

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

055b19e2a9b8a05be7c5bc691f3b594a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

d3dxof

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 996B

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 996B

.rsrc
Size: 10KB - Virtual size: 10KB