65d98a2f5f57cd2706b1d31c896c18e8

Sharing

Copy URL Twitter E-mail

General

Target

65d98a2f5f57cd2706b1d31c896c18e8
Size

251KB
MD5

65d98a2f5f57cd2706b1d31c896c18e8
SHA1

b146a5f0f27b90a8cbb3839d6db32e6679b334ab
SHA256

f01ffe0fc3a61ab83bb4ad4b943ddcff53fd2cd22cf066140d8b4794be0999bd
SHA512

9a00a1f5e6cc6eb45acf5f2d46cfa1964bdbeca67504218fb3097748e770465b6385fd8cbec73311ca81ef19f3d1c4fb156d961084d68b6231b1027005b5f2ee
SSDEEP

6144:I121IVglRJOPlY1orsTMKHHEnOvAjQAgjTLcJt:Iw9RJkl/T1QAmIt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65d98a2f5f57cd2706b1d31c896c18e8

Files

65d98a2f5f57cd2706b1d31c896c18e8
.exe windows:4 windows x86 arch:x86

f67e08d97a1720c98dc49914c258d145

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetUserDefaultLCID
HeapCreate
MultiByteToWideChar
GetProcAddress
HeapDestroy
HeapReAlloc
SetEnvironmentVariableA
lstrlen
GetLocaleInfoW
GetCurrentProcessId
SetUnhandledExceptionFilter
SystemTimeToFileTime
GetACP
Sleep
WideCharToMultiByte
HeapSize
GetWindowsDirectoryW
TlsFree
WriteFile
GetDateFormatA
TlsSetValue
CompareStringA
GetStringTypeA
InterlockedDecrement
GetDriveTypeW
GetLastError
SetLastError
GetAtomNameA
ExitProcess
GetTickCount
lstrcmpi
SetHandleCount
HeapFree
EnumSystemLocalesA
GetModuleFileNameA
GetStartupInfoA
LoadLibraryA
QueryPerformanceCounter
EnterCriticalSection
VirtualAlloc
EnumResourceLanguagesA
DosDateTimeToFileTime
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
FreeEnvironmentStringsA
GetCPInfo
GetEnvironmentStringsW
LCMapStringA
TlsGetValue
GetVersionExA
CompareStringW
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
SetEvent
GetCommandLineA
FreeLibrary
GetCurrentThread
VirtualFree
LeaveCriticalSection
InterlockedIncrement
GetStdHandle
WriteConsoleOutputCharacterW
GetEnvironmentStrings
LCMapStringW
SetConsoleCursorPosition
GetTimeZoneInformation
SetConsoleCtrlHandler
GetFileType
GetDriveTypeA
InterlockedExchange
GetOEMCP
GetLocaleInfoA
DeleteCriticalSection
IsDebuggerPresent
TlsAlloc
WaitForSingleObjectEx
InitializeCriticalSection
GetTimeFormatA
HeapAlloc
IsValidLocale
lstrcpyn
ReadConsoleOutputAttribute
GetStringTypeW
VirtualQuery
GetModuleHandleA
IsValidCodePage

user32

GetProcessDefaultLayout
CopyAcceleratorTableW
MessageBoxA
ChangeDisplaySettingsExA
GetUpdateRgn
OpenIcon
SetWindowTextW
DlgDirSelectExW
SendDlgItemMessageA
MessageBoxExW
GetAltTabInfo
GetKeyboardType
VkKeyScanExW
FreeDDElParam
CharNextExA
TileWindows
SetMenuItemInfoA
GetKeyboardLayoutNameW
DdeUninitialize

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f67e08d97a1720c98dc49914c258d145

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 108KB - Virtual size: 107KB

.data Size: 137KB - Virtual size: 137KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 108KB - Virtual size: 107KB

.data
Size: 137KB - Virtual size: 137KB

.rsrc
Size: 5KB - Virtual size: 4KB