688cb86f68fcc956ac4853132d871c14

Sharing

Copy URL Twitter E-mail

General

Target

688cb86f68fcc956ac4853132d871c14
Size

260KB
MD5

688cb86f68fcc956ac4853132d871c14
SHA1

488bcd8212f17b7da7990d25d5544cb230812db8
SHA256

1262dab6918201659191b6c7dbbf54838e6c8fbb9849646bc78c3bc0e45d58d6
SHA512

78bf8bcc0b36118b863b826681999955df0ddf81eb1c8df7d038079a3e8ec5c7d69afa335f64a7724625bab1811338cd57e5bda8e34705ca349b6f3102c54612
SSDEEP

3072:XCdyVRlkwjXZcf/Wt9lgrGBgyVduqf9Cr4rez/cnOZQt6xarul:XCdyBkwjw+7llgyVd3fMrSez/coQtv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
688cb86f68fcc956ac4853132d871c14

Files

688cb86f68fcc956ac4853132d871c14
.exe windows:4 windows x86 arch:x86

664c891575e243a30b098845acce3b45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
RtlUnwind
IsBadWritePtr
IsBadReadPtr
HeapValidate
RaiseException
GetCommandLineA
GetVersionExA
GetModuleHandleA
ExitProcess
GetCPInfo
TerminateProcess
GetCurrentProcess
GetProcAddress
MultiByteToWideChar
LCMapStringA
GetLastError
LCMapStringW
DebugBreak
LoadLibraryA
HeapAlloc
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
FlushFileBuffers
CloseHandle
IsBadCodePtr
GetStringTypeA
GetStringTypeW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
VirtualProtect
GetSystemInfo
VirtualQuery
SetConsoleCtrlHandler
GetProcessHeap
FreeLibrary
GetACP
GetOEMCP
InterlockedExchange
ReadFile
SetStdHandle
GetTimeFormatA
GetDateFormatA
GetLocaleInfoW
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.textbss
Size: - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

664c891575e243a30b098845acce3b45

Headers

File Characteristics

Imports

kernel32

Sections

.textbss Size: - Virtual size: 94KB

.text Size: 212KB - Virtual size: 211KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 12KB - Virtual size: 17KB

.idata Size: 4KB - Virtual size: 2KB

.textbss
Size: - Virtual size: 94KB

.text
Size: 212KB - Virtual size: 211KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 12KB - Virtual size: 17KB

.idata
Size: 4KB - Virtual size: 2KB