44fc5d5063f01c96adb07a4cdbaf58e8

Sharing

Copy URL

Twitter E-mail

General

Target

44fc5d5063f01c96adb07a4cdbaf58e8
Size

276KB
MD5

44fc5d5063f01c96adb07a4cdbaf58e8
SHA1

a827608f5d670d3356bcf2ab2b881d131d77ea26
SHA256

bfb685d4688fc0b26d5c0376135557bd2aa3b1e29762f9f45f61caa197cc6273
SHA512

884a9f9095c0828d2aed8cda0eae57ee70829212404553ca3d3d260f274346141a96c0b1a4bcdf54f5fdbadcd350ff067b3d06b4f8f417c85d47d22f9d66322c
SSDEEP

6144:15AtMm2r8WYKHGi0vBDx3tIdY4o8SPfT6fWBuxXsU57E7U:bcMm2rcKH50vxx3KtoBfOuykU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44fc5d5063f01c96adb07a4cdbaf58e8

Files

44fc5d5063f01c96adb07a4cdbaf58e8
.exe windows:5 windows x86 arch:x86

18bc4b1c9a93d1abe3a5bad2bcfc34bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFinalPathNameByHandleW
GetMaximumProcessorGroupCount
GetNamedPipeClientComputerNameW
GetApplicationRecoveryCallback
TlsFree
LocalFree
FormatMessageA
CreateMemoryResourceNotification
AddSecureMemoryCacheCallback
SetFileInformationByHandle
GetFileInformationByHandle
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
GetLastError
GetModuleHandleW
TlsAlloc
DecodePointer
WriteConsoleW
SetFilePointerEx
CloseHandle
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RaiseException
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsGetValue
TlsSetValue
FreeLibrary
LoadLibraryExW
SetLastError
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
GetACP
HeapFree
HeapAlloc
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetFileType
SetStdHandle
GetStringTypeW
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
CreateFileW

gdi32

CreatePalette
CreateMetaFileW
CreateHatchBrush
CreateHalftonePalette
CreateFontW
ColorCorrectPalette
CloseMetaFile
CreateBrushIndirect
CreateBitmapIndirect
CreateSolidBrush

advapi32

ConvertToAutoInheritPrivateObjectSecurity
QueryRecoveryAgentsOnEncryptedFile

ws2_32

WSAStartup
WSACleanup

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18bc4b1c9a93d1abe3a5bad2bcfc34bd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

ws2_32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 3KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 296B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 178KB - Virtual size: 177KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 3KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 296B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 178KB - Virtual size: 177KB

.reloc
Size: 5KB - Virtual size: 5KB