66afa9462db490bab71c715e6cd99512

Sharing

Copy URL Twitter E-mail

General

Target

66afa9462db490bab71c715e6cd99512
Size

50KB
MD5

66afa9462db490bab71c715e6cd99512
SHA1

30b6bb5d6358f1a75e67ceca5986ed3358261a6f
SHA256

2ce6a7ae9a0317073029c0c07b95d4886dcbf4dc968f55b6d78402c1ec15f16b
SHA512

c40e8135490e6a3c5c4dbd5cb3a153ba4245e77cd7641753accbd4defccff1841736d7dd0b824a06f448db60f810a6a88d3acc07c482707f3b03f209814cd294
SSDEEP

1536:mC4oU3lKg3DN0TegjuaJ7GSeRH4WOefQgtpEadHZc0B:CJl/0TjnGSCYuLtb5l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66afa9462db490bab71c715e6cd99512

Files

66afa9462db490bab71c715e6cd99512
.exe windows:4 windows x86 arch:x86

641b5655a515b4a443783167ca975e6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlCanonicalizeA

kernel32

DnsHostnameToComputerNameA
ExitProcess
GetComputerNameA
CallNamedPipeA
BackupSeek
BackupRead
SetCurrentDirectoryA
FlushViewOfFile
GetDriveTypeW
GetDriveTypeA
GetWindowsDirectoryW
GetSystemDirectoryA
GetCurrentDirectoryW
lstrcmpW
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentDirectoryA

advapi32

GetUserNameA

winmm

DrvGetModuleHandle
mmioOpenA

Exports

Exports

ddguwssa

Sections

.code
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 853B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

641b5655a515b4a443783167ca975e6c

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

winmm

Exports

Exports

Sections

.code Size: 22KB - Virtual size: 21KB

.rdata Size: 1024B - Virtual size: 853B

.data Size: 22KB - Virtual size: 22KB

.reloc Size: 512B - Virtual size: 1B

.rsrc Size: 512B - Virtual size: 1B

.rdata Size: 512B - Virtual size: 1B

.rsrc Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 776B

.reloc Size: 1024B - Virtual size: 532B

.code
Size: 22KB - Virtual size: 21KB

.rdata
Size: 1024B - Virtual size: 853B

.data
Size: 22KB - Virtual size: 22KB

.reloc
Size: 512B - Virtual size: 1B

.rsrc
Size: 512B - Virtual size: 1B

.rdata
Size: 512B - Virtual size: 1B

.rsrc
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 1024B - Virtual size: 532B