7359472e5bdb38c40daaabd2b904088b

General

Target

7359472e5bdb38c40daaabd2b904088b
Size

154KB
MD5

7359472e5bdb38c40daaabd2b904088b
SHA1

9d58b0dec7a262c0c0b555d32b39196436971e66
SHA256

e273b058254849e2baf95f058cca8fcec43081ca3c8790785e224d8e0397040c
SHA512

d2f62291a6ca251787fa26c53bf4ad6d6fab029599fb50bc8315f1e1f86c3977b0bbf939565a48b313c8bca49e16b37d03ad5b8ad12d99642096dd8f70e56207
SSDEEP

3072:+2g6dXe8E+umhyCXHb/hDJQJ9sE719dSQwW:jzdXDbPXjhw9saH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7359472e5bdb38c40daaabd2b904088b

Files

7359472e5bdb38c40daaabd2b904088b
.exe windows:5 windows x86 arch:x86

9b2621dec07c6ac852e513c6d633588b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
WaitForSingleObject
GetTickCount
GetProcAddress
LoadLibraryA
GetModuleHandleA
CreateThread
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
Sleep
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
RtlUnwind
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetStdHandle
WriteConsoleW
FlushFileBuffers
CreateFileW
CloseHandle

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9b2621dec07c6ac852e513c6d633588b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 73KB - Virtual size: 72KB

.reloc Size: 33KB - Virtual size: 61KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 73KB - Virtual size: 72KB

.reloc
Size: 33KB - Virtual size: 61KB