48eb6c6ac1f61331ee5d7cc69f306564

Sharing

Copy URL Twitter E-mail

General

Target

48eb6c6ac1f61331ee5d7cc69f306564
Size

350KB
MD5

48eb6c6ac1f61331ee5d7cc69f306564
SHA1

4de0b591331dee1173f6555de4519246154d5122
SHA256

bc3b3a762f25bafa8ef7ef9cba488d356e5c86759195d7ba86346da8e7b5afa5
SHA512

ef1dc77dcabbe3b8aa57d2665341daa30abc57e53d43d8fdc096c0609b4abb6616750a7172bb3b44363c8be43919c0ceba7dbc8ccf4cd848fc437d8fb3a93e77
SSDEEP

6144:o87ltODj9bxm85ZtlulVKhiWsQqqZnp68y5iDFlFjSo4LG:B7GVFlulV2RXbpocj9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48eb6c6ac1f61331ee5d7cc69f306564

Files

48eb6c6ac1f61331ee5d7cc69f306564
.exe windows:4 windows x86 arch:x86

01d1ad521f02e43c196972670f4dc80d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
HeapSize
GetCurrentProcessId
IsValidCodePage
GetModuleFileNameA
SetConsoleCtrlHandler
SetLastError
IsDebuggerPresent
FlushFileBuffers
InterlockedIncrement
TerminateProcess
GetModuleHandleA
UnhandledExceptionFilter
SetHandleCount
GetConsoleOutputCP
GetStdHandle
MultiByteToWideChar
TlsSetValue
GetVersionExA
WriteFile
GetStartupInfoA
HeapCreate
HeapAlloc
GetTimeFormatA
TlsGetValue
Sleep
GetOEMCP
GetStringTypeW
GetUserDefaultLCID
IsValidLocale
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetProcAddress
GetCommandLineW
GetCurrentProcess
GetDateFormatA
VirtualQuery
EnumSystemLocalesA
QueryPerformanceCounter
InitializeCriticalSection
GetTickCount
RtlUnwind
HeapReAlloc
GetLastError
GetModuleFileNameW
SetEnvironmentVariableA
GetEnvironmentStrings
VirtualAlloc
WriteConsoleW
GetFileType
GetConsoleMode
TlsFree
WideCharToMultiByte
GetConsoleCP
CreateMutexA
GetCurrentThread
LCMapStringA
CloseHandle
CompareStringA
GetStringTypeA
HeapDestroy
CreateFileA
GetTimeZoneInformation
GetProcessHeap
HeapFree
ReleaseMutex
InterlockedDecrement
GetLocaleInfoW
LoadLibraryA
CopyFileA
LCMapStringW
ReadFile
GetACP
SetFilePointer
VirtualFree
GetCurrentThreadId
GetCommandLineA
SetUnhandledExceptionFilter
TlsAlloc
OpenMutexA
LeaveCriticalSection
EnterCriticalSection
SetStdHandle
InterlockedExchange
GetStartupInfoW
ExitProcess
WriteConsoleA
DeleteCriticalSection
GetEnvironmentStringsW
SetConsoleScreenBufferSize
CompareStringW
GetSystemTimeAsFileTime
GetCPInfo

comctl32

InitCommonControlsEx

user32

SetThreadDesktop
GetQueueStatus
SetCaretPos
IsWindowEnabled
DestroyMenu
InsertMenuW
LoadImageW
ReplyMessage
DdeClientTransaction
RegisterHotKey
CharUpperW
IsDialogMessageW
LoadStringW
GetMenuInfo
OpenClipboard
GetParent
SetWindowContextHelpId
IsCharAlphaW
RegisterClassExA
RegisterClassA
OemKeyScan
GetMenu
CreateWindowExA

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01d1ad521f02e43c196972670f4dc80d

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 179KB - Virtual size: 178KB

.rdata Size: 9KB - Virtual size: 26KB

.data Size: 148KB - Virtual size: 147KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 179KB - Virtual size: 178KB

.rdata
Size: 9KB - Virtual size: 26KB

.data
Size: 148KB - Virtual size: 147KB

.rsrc
Size: 12KB - Virtual size: 12KB