376186209da0c52bbbe25ff894182ef7

General

Target

376186209da0c52bbbe25ff894182ef7
Size

17KB
MD5

376186209da0c52bbbe25ff894182ef7
SHA1

523864aee7abe28fa1ad789581274906c84df5d2
SHA256

86ded5e690228ec65c9b29a56b402602c60777cec961cbf3ee6e3ae4efd29e79
SHA512

3e027ac8a298537b6f7531751ebc34ddecb73beb6e02f6b061929a9b9358d6920ce39494f1518db1df02685308d9517dae6655737fe1ca10942fcec6495a062a
SSDEEP

192:uPKh5I2Y2szTC/o/aNTyFAAeyDXD7QI1/1I9S4C1:uPq5GSaAADz11/1I9S4C1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
376186209da0c52bbbe25ff894182ef7

Files

376186209da0c52bbbe25ff894182ef7
.exe windows:5 windows x86 arch:x86

7c9baa7bffd09365f22a10b9abec3cf0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

atoi
memcpy
_snwprintf
_snprintf
strncpy
strncmp
memset
_wcsnicmp
strstr

kernel32

MultiByteToWideChar
GetModuleHandleW
ExitProcess
Sleep
ExitThread
CreateMutexW
GetLastError
WaitForSingleObject
ReleaseMutex
OpenProcess
FlushInstructionCache
WriteProcessMemory
VirtualProtect
ReadProcessMemory
VirtualAlloc
GetProcAddress
GetModuleHandleA
CloseHandle
Process32NextW
lstrlenW
Process32FirstW
CreateToolhelp32Snapshot
WideCharToMultiByte
CreateRemoteThread
lstrlenA
GetProcessHeap
OpenMutexW
GetCurrentProcessId

ntdll

RtlAllocateHeap
NtWriteVirtualMemory
NtFreeVirtualMemory
RtlFreeHeap
NtAllocateVirtualMemory
NtReadVirtualMemory

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 641B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c9baa7bffd09365f22a10b9abec3cf0

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

ntdll

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 641B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 641B