71f857aa23a820b511a30a4150cb2fbf

Sharing

Copy URL Twitter E-mail

General

Target

71f857aa23a820b511a30a4150cb2fbf
Size

156KB
MD5

71f857aa23a820b511a30a4150cb2fbf
SHA1

1cb67a1ea75f832c1fef76503635a46f8423bcc9
SHA256

f4479d0185295ef97ac6277bbeee08f3b305ea3807b23fa2b61e3313d8a54db7
SHA512

7ab9da656c2d0a99a831383ec2fbfccce979e65a6f8d6e6c0570bcc4bdeb7829fc30df1e5e0e73148409e3c991dd138e1787e5a8ab910e6a1cb24b9911898652
SSDEEP

3072:+5IVQ+VZdvzbLCKADgN/VwG3Rtr89kYRJ2uxY7jAgC1/6m:6Y/DbbLC+N/VJ3cG6tWsCm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71f857aa23a820b511a30a4150cb2fbf

Files

71f857aa23a820b511a30a4150cb2fbf
.exe windows:4 windows x86 arch:x86

61577a619a1d958d9c16631877a14a43

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
DeleteCriticalSection
GetLocalTime
CreateFileA
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
SetFileAttributesA
GetFileAttributesA
GetCurrentThread
GetTickCount
GetProfileStringW
GetSystemTime
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetFileType
GetStdHandle
GetTimeZoneInformation
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
GetVersion
GetLastError
CloseHandle
WriteFile
SetFilePointer
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
SetEnvironmentVariableA

user32

InvalidateRect
EmptyClipboard
BeginPaint
DestroyMenu
ValidateRect
IsDialogMessageW
GetIconInfo
CheckDlgButton
CallNextHookEx
SendMessageA
SetWindowTextA
MapWindowPoints
PostMessageW
DestroyWindow

ole32

OleUninitialize
CoCreateInstance
CoUninitialize
CoInitialize
OleInitialize

Exports

Exports

Abymezaliwamy
Buguzuwiz
Igoty
Keraki
Melahobopeqek
Uxupu

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61577a619a1d958d9c16631877a14a43

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 48KB - Virtual size: 128KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 48KB - Virtual size: 128KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB