50e7021550878244541919c7c37e1d3f

General

Target

50e7021550878244541919c7c37e1d3f
Size

288KB
MD5

50e7021550878244541919c7c37e1d3f
SHA1

75d3da5d835a1e20cf510aec4cdf943f5afb21d4
SHA256

8aeb46e9646faaf48912361f929afd3f345b561c099a226c0f4fdc016e101ce1
SHA512

12792ba2d53af846a3957502ca15944010721ee4b8d7892c8bdb83bb301f764c1475cac4ef8c6e705a0a3fc1d3c42197a7dbc03d6215a89158a4c65e61d6b7c7
SSDEEP

6144:KBtl9/vp4RQEr6QZU8A9/rvvWGEcvYQQ:g/x4ve2U8arm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50e7021550878244541919c7c37e1d3f

Files

50e7021550878244541919c7c37e1d3f
.exe windows:5 windows x86 arch:x86

385b0e17018e082058c902c1a21202e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
Process32First
lstrcatA
GetProcAddress
VirtualAlloc
LoadLibraryA
Process32Next
GetModuleHandleA
CreateToolhelp32Snapshot
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
InitializeCriticalSectionAndSpinCount

user32

CharLowerBuffA

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

385b0e17018e082058c902c1a21202e7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 243KB - Virtual size: 242KB

.data Size: 3KB - Virtual size: 6KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 243KB - Virtual size: 242KB

.data
Size: 3KB - Virtual size: 6KB