64ec1ad1798297083ab3ce4477e68ff8

General

Target

64ec1ad1798297083ab3ce4477e68ff8
Size

367KB
MD5

64ec1ad1798297083ab3ce4477e68ff8
SHA1

d4675fec45061cbd39cd3a8c25cb2e9d564c11a6
SHA256

ab3ee8c26461127a0e5bcdbf41960fb34c1949ae86ff86fe5847b31c3ce1e1ba
SHA512

6e78c265eda11e78b67dc3ca532680e15f44fdfb0eae820b6d9e28168813a0eccf4763574d39d0a9e8d50f84c5ada0a5a3efd3cf4f8a70788ae79af8bc796903
SSDEEP

768:yOB5TJkIQFaorydG7OdDnP98PDPhyqVig2IrR7bAO:PTJkIQFHNLPmIrR4O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64ec1ad1798297083ab3ce4477e68ff8

Files

64ec1ad1798297083ab3ce4477e68ff8
.exe windows:0 windows x86 arch:x86

6d77185691e06adcec6a270efbc1a8c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ActivateActCtx
AddAtomA
AddAtomW
BackupWrite
BaseCheckAppcompatCache
BaseFlushAppcompatCache
BaseInitAppcompatCache
BaseProcessInitPostImport
BaseQueryModuleData
BindIoCompletionCallback
BuildCommDCBAndTimeoutsW
ContinueDebugEvent
ConvertFiberToThread
CopyFileW
CreateActCtxA
CreateDirectoryExA
CreateDirectoryExW
CreateFileA
CreateHardLinkW
CreateNlsSecurityDescriptor
CreateProcessInternalWSecure
CreateTimerQueueTimer
CreateToolhelp32Snapshot
DebugActiveProcess
DebugBreak
DecodePointer
DefineDosDeviceW
DnsHostnameToComputerNameA
DosDateTimeToFileTime
EncodeSystemPointer
EnumTimeFormatsW
ExpandEnvironmentStringsA
FatalAppExitA
FatalExit
FillConsoleOutputCharacterA
FoldStringW
FormatMessageW
FreeConsole
FreeLibraryAndExitThread
GetAtomNameA
GetCPFileNameFromRegistry
GetCPInfo
GetCommState
GetCommTimeouts
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetConsoleInputWaitHandle
GetConsoleWindow
GetCurrentDirectoryW
GetCurrentProcessId
GetDefaultCommConfigA
GetDefaultCommConfigW
GetDiskFreeSpaceExW
GetDriveTypeW
GetHandleContext
GetHandleInformation
GetModuleFileNameA
GetModuleHandleA
GetNamedPipeHandleStateW
GetNextVDMCommand
GetPrivateProfileStructA
GetPrivateProfileStructW
GetProcAddress
GetProcessIoCounters
GetProcessShutdownParameters
GetProfileIntW
GetProfileStringW
GetQueuedCompletionStatus
GetSystemDefaultLCID
GetSystemDefaultUILanguage
GetSystemRegistryQuota
GetSystemTimes
GetSystemWow64DirectoryW
GetThreadContext
GetThreadTimes
GetVolumePathNameW
GetVolumePathNamesForVolumeNameW
GlobalMemoryStatusEx
Heap32First
HeapExtend
HeapLock
HeapQueryTagW
HeapSummary
InitializeCriticalSectionAndSpinCount
InterlockedExchange
InterlockedFlushSList
InterlockedIncrement
LZOpenFileA
LoadLibraryA
LoadLibraryW
LoadModule
LoadResource
LocalAlloc
LocalCompact
LocalLock
LockFile
MapUserPhysicalPages
MoveFileExW
MoveFileWithProgressW
NlsGetCacheUpdateCount
NlsResetProcessLocale
OpenSemaphoreW
PeekConsoleInputW
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
QueryWin31IniFilesMappedToRegistry
ReadConsoleOutputA
ReadFile
RegisterConsoleOS2
RemoveLocalAlternateComputerNameA
RtlFillMemory
SetCalendarInfoA
SetCommMask
SetComputerNameW
SetConsoleCommandHistoryMode
SetConsoleMenuClose
SetConsoleOutputCP
SetConsolePalette
SetConsoleTitleA
SetConsoleWindowInfo
SetProcessAffinityMask
SetProcessPriorityBoost
SetSystemTime
SetUnhandledExceptionFilter
SetVDMCurrentDirectories
SignalObjectAndWait
TzSpecificLocalTimeToSystemTime
ValidateLocale
VirtualAllocEx
VirtualFree
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteFileEx
WriteProfileStringA
lstrcpy

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d77185691e06adcec6a270efbc1a8c6

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB