df42368ac1eb251bad822b304f131d7ac0f6eac4a071e320dedd63895c40cc61

Sharing

Copy URL

Twitter E-mail

General

Target

df42368ac1eb251bad822b304f131d7ac0f6eac4a071e320dedd63895c40cc61
Size

238KB
MD5

f6ff3a0cbac3c500cbb81c2b4b7ad4bc
SHA1

ee53ba28ff07790844f11f00302271a7e87df1cf
SHA256

df42368ac1eb251bad822b304f131d7ac0f6eac4a071e320dedd63895c40cc61
SHA512

96df27f35e257c970d92989ec1ce533e85b7a45927ebb9a13068159b67909e88c7ffd4e92fe9fabf8003023b3d0697ad54850175e51e82e2f0be073ca8286aea
SSDEEP

6144:BxQaL79x1KehiLiW6b2kH1X6jDF0f5d9t4:vrH9x1KeIkH1X6jDF0Db

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df42368ac1eb251bad822b304f131d7ac0f6eac4a071e320dedd63895c40cc61

Files

df42368ac1eb251bad822b304f131d7ac0f6eac4a071e320dedd63895c40cc61
.exe windows:5 windows x86 arch:x86

903d80dfa3a453453f4440e2bd8afbd4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
FillConsoleOutputCharacterA
FindResourceA
GetConsoleAliasesLengthW
SetComputerNameExA
InterlockedDecrement
SetComputerNameW
CreateHardLinkA
GetModuleHandleW
GetTickCount
VirtualFree
GetConsoleAliasesLengthA
LoadLibraryW
ReadConsoleInputA
FreeConsole
GetStartupInfoW
GetLastError
SetLastError
GetProcAddress
VirtualAlloc
SetComputerNameA
LoadLibraryA
WriteConsoleA
InterlockedExchangeAdd
LocalAlloc
MoveFileA
QueryDosDeviceW
FindNextChangeNotification
GlobalFindAtomW
PurgeComm
GetCurrentProcessId
DebugBreak
ReadConsoleOutputCharacterW
OpenFileMappingA
DeleteFileA
MultiByteToWideChar
Sleep
ExitProcess
GetCPInfo
InterlockedIncrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapFree
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CloseHandle
CreateFileA
HeapAlloc
HeapReAlloc
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
SetEndOfFile
GetProcessHeap
ReadFile
GetConsoleOutputCP
WriteConsoleW
RaiseException

user32

GetWindowTextLengthA
GetKeyNameTextA

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

903d80dfa3a453453f4440e2bd8afbd4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 19KB - Virtual size: 4.1MB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 19KB - Virtual size: 4.1MB

.rsrc
Size: 80KB - Virtual size: 80KB