6764dbcc1dfefb93c37c7ebe2c6a0579

General

Target

6764dbcc1dfefb93c37c7ebe2c6a0579
Size

100KB
MD5

6764dbcc1dfefb93c37c7ebe2c6a0579
SHA1

cfdb542f439852beaabc78d06cbd8120f3c13bff
SHA256

1ab2a044d320ceed563e21193167e28fae5e75a52623a5bea029dc4316a59c1f
SHA512

dcc173b2613f9e8f5f852d324ab78acc97b588f783e4a674cb53cf99e9d5c3b6ea9c5ca0226ec69b5db47f1f039ae3d08ecfdd5a130e9b31ef8b365d049a9603
SSDEEP

3072:WJnbgU/69g70E+nm08yZT2cSpWVYoAeDgQtal:K50EoL8yZacSpe9bF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6764dbcc1dfefb93c37c7ebe2c6a0579

Files

6764dbcc1dfefb93c37c7ebe2c6a0579
.exe windows:4 windows x86 arch:x86

9007e1bcf4933b772dbab5cddb982334

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateRemoteThread
GetProcAddress
LoadLibraryA
WriteProcessMemory
VirtualAllocEx
OpenProcess
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCommandLineA
GetVersionExA
GetModuleHandleA
DebugBreak
RaiseException
TerminateProcess
GetCurrentProcess
ExitProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
WriteFile
HeapAlloc
GetProcessHeap
FreeLibrary
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
VirtualQuery
InterlockedExchange
SetConsoleCtrlHandler
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo
GetLocaleInfoA
SetFilePointer
SetStdHandle
FlushFileBuffers

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9007e1bcf4933b772dbab5cddb982334

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 7KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 7KB