64c4117ac2de0dbc6abbab4fc35fa17f

Sharing

Copy URL

Twitter E-mail

General

Target

64c4117ac2de0dbc6abbab4fc35fa17f
Size

695KB
MD5

64c4117ac2de0dbc6abbab4fc35fa17f
SHA1

7b44eeca2bae8b7c50940ffc823ea1b9fa614c47
SHA256

906e21a4f7cef41dbb6005993dd54a70e85043b9088e5456290723465e919435
SHA512

5b699af154291465fa2cbc5137649cb1eb002841b4593544ee225c2bb75ac8c061a45e0cef92f5d29f66628d69a6c12336928a49231add0d1ea638e396791481
SSDEEP

12288:mgRd+T2hK+0gbGAIGTCig3jh1i6Hy6zapDDgjr05B0Th5yH8zqA3G0V:mgX2kK+0gbGTi83i6Hy68g8HHq1L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64c4117ac2de0dbc6abbab4fc35fa17f

Files

64c4117ac2de0dbc6abbab4fc35fa17f
.exe windows:4 windows x86 arch:x86

e24453bf932bdfe72064efa2651a5a4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

LockWindowUpdate
TileChildWindows
ToAsciiEx
RegisterClassA
CallMsgFilter
SetRectEmpty
GetTabbedTextExtentA
SetClipboardViewer
SetMenuInfo
SendMessageW
RegisterClassExA

kernel32

SetHandleCount
GetUserDefaultLCID
InterlockedIncrement
FlushFileBuffers
WriteConsoleW
ReadFile
GetProcAddress
GetEnvironmentStringsW
LoadLibraryA
LCMapStringA
GetSystemTimeAsFileTime
GetModuleHandleA
HeapAlloc
InterlockedDecrement
DeleteCriticalSection
GetTimeZoneInformation
TlsSetValue
LCMapStringW
GetLocaleInfoW
GetCurrentThread
ExitProcess
CompareStringA
RemoveDirectoryW
HeapDestroy
GetCommandLineA
GetCurrentThreadId
IsValidLocale
CompareFileTime
CloseHandle
HeapCreate
GetDateFormatA
Sleep
GetFileType
GetCurrentProcessId
GetConsoleCP
GetLastError
InitializeCriticalSectionAndSpinCount
EnumSystemLocalesA
GetStdHandle
VirtualFree
WriteConsoleA
TlsGetValue
EnterCriticalSection
UnhandledExceptionFilter
InterlockedExchange
GetSystemInfo
FreeLibrary
SetLastError
FreeEnvironmentStringsW
GetModuleFileNameA
GetLocaleInfoA
GetStartupInfoA
HeapSize
GetConsoleOutputCP
TlsFree
WriteFile
MultiByteToWideChar
GetACP
TerminateProcess
CompareStringW
LeaveCriticalSection
MoveFileW
WideCharToMultiByte
QueryPerformanceCounter
GetProcAddress
SetConsoleCtrlHandler
FreeEnvironmentStringsA
HeapReAlloc
CreateMutexA
SetFilePointer
SetUnhandledExceptionFilter
GetTimeFormatA
VirtualAlloc
GetCurrentProcess
TlsAlloc
GetComputerNameW
GetCPInfo
OpenMutexA
HeapFree
VirtualQuery
GetTickCount
CreateFileA
IsValidCodePage
SetEnvironmentVariableA
SetStdHandle
GetConsoleMode
GetEnvironmentStrings
GetOEMCP
GetModuleHandleW
IsDebuggerPresent
GetStringTypeA
GetStringTypeW
DeleteFileW
RtlUnwind

Sections

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e24453bf932bdfe72064efa2651a5a4a

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 356KB - Virtual size: 355KB

.rdata Size: 9KB - Virtual size: 18KB

.data Size: 320KB - Virtual size: 319KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 356KB - Virtual size: 355KB

.rdata
Size: 9KB - Virtual size: 18KB

.data
Size: 320KB - Virtual size: 319KB

.rsrc
Size: 8KB - Virtual size: 8KB