64554d8f131048549defb874b8876ec7

Sharing

Copy URL Twitter E-mail

General

Target

64554d8f131048549defb874b8876ec7
Size

178KB
MD5

64554d8f131048549defb874b8876ec7
SHA1

15178805f21e97812cb93417cdd262a849943e84
SHA256

92c3ef660999f13c12226eafa3b555f8a421390a334f60a4c3e6ecd6dd27104f
SHA512

fca44039833dd0fd695109317463fdc6f00b6604600b61b1953c6a079175bf3c34e97b6af4def858bcf8605c633f20cc7d05963baf651eea6b91cda71716432c
SSDEEP

3072:1E4GyryhXJ8S3m2iXe/5RadUWw4sUZTOxdO1BdBv+CZpXrl731VjYfFhpwSt:1hGQyh58IN4e/5RHWw7qOxQ1Lpbl73nu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64554d8f131048549defb874b8876ec7

Files

64554d8f131048549defb874b8876ec7
.exe windows:1 windows x86 arch:x86

5131741473c3acb17e5a86d75a2888bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
MoveFileWithProgressA
CreateSemaphoreA
GlobalFix
RemoveDirectoryA
IsValidLocale
FlushFileBuffers
LZSeek
GetEnvironmentVariableA
GlobalMemoryStatus
GetCurrentThreadId
LZCloseFile
SetHandleCount
VirtualAlloc
WaitForMultipleObjectsEx
GetWindowsDirectoryA
GetUserDefaultLCID
GetUserDefaultUILanguage
GetDiskFreeSpaceA
LoadLibraryExA
SetFileShortNameA
GetDevicePowerState
GetStringTypeA
lstrcmpiA
GetConsoleAliasesLengthA
SetConsoleInputExeNameA
SetDefaultCommConfigA
HeapDestroy
GetModuleHandleA
SetInformationJobObject
QueryPerformanceCounter
GetConsoleCursorMode
GetComPlusPackageInstallStatus
GetSystemInfo
GlobalFree
GetModuleFileNameA
SetConsoleFont
GetCurrentProcess
GetStdHandle
GetUserDefaultLangID
PeekConsoleInputA
GetBinaryType
GetProcessHandleCount
GetCommProperties
RequestDeviceWakeup
GetDllDirectoryA
GetSystemTimeAdjustment
ExpungeConsoleCommandHistoryA
ReadConsoleA
GetTapeParameters
IsValidCodePage
TerminateProcess
GetProcessVersion
ConnectNamedPipe
CreateTimerQueueTimer
ReadConsoleOutputCharacterA
ExitVDM
GetCPInfo
GetLogicalDrives
GetSystemTime
SetConsoleIcon
FillConsoleOutputCharacterA
SetThreadIdealProcessor
EnumSystemCodePagesA
QueryInformationJobObject
GlobalReAlloc
DeleteTimerQueueTimer
SetConsoleCursorMode
EndUpdateResourceA
DeleteFileA
GetVersionExA
HeapSize
MoveFileExA
GetFileTime
EndUpdateResourceA
GetModuleHandleA
GetCurrentProcessId
OpenEventA
GetVersion
GetSystemPowerStatus
DeleteTimerQueueTimer
PurgeComm
GetExpandedNameA
HeapSize
GetDiskFreeSpaceA
HeapValidate
GetFileAttributesExA
EndUpdateResourceA
GetTickCount
GetDefaultCommConfigA
GetProcessTimes
GetProcessWorkingSetSize
GetConsoleWindow
EndUpdateResourceA
FindVolumeMountPointClose
GetProcessShutdownParameters
VirtualQueryEx
GetVolumePathNameA
FindFirstFileExA
BuildCommDCBAndTimeoutsA
GetConsoleAliasExesLengthA
WaitNamedPipeA
SetLocalPrimaryComputerNameA
DeleteTimerQueue
VirtualProtect
EnumSystemLanguageGroupsA
GetFullPathNameA
GetCurrentThread
LockFile
ExitProcess
Toolhelp32ReadProcessMemory
GetConsoleInputWaitHandle
OpenSemaphoreA
IsDebuggerPresent
GetNamedPipeHandleStateA
PurgeComm
GetExitCodeThread
OpenJobObjectA
WriteConsoleInputA
VirtualQuery
FindNextFileA
GetDefaultCommConfigA
GetEnvironmentStringsA
GetThreadTimes
WriteConsoleOutputCharacterW
SetThreadAffinityMask
GetComputerNameA
GlobalSize
ChangeTimerQueueTimer
GetProcessWorkingSetSize
FindFirstVolumeMountPointW
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
GetProcessId
IsBadStringPtrA

ntdll

RtlGetLastWin32Error

user32

DestroyWindow

advapi32

AddAccessDeniedAceEx

Sections

.text
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 100KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5131741473c3acb17e5a86d75a2888bd

Headers

File Characteristics

Imports

kernel32

ntdll

user32

advapi32

Sections

.text Size: 44KB - Virtual size: 48KB

.idata Size: 100KB - Virtual size: 104KB

.rsrc Size: 32KB - Virtual size: 36KB

.text
Size: 44KB - Virtual size: 48KB

.idata
Size: 100KB - Virtual size: 104KB

.rsrc
Size: 32KB - Virtual size: 36KB