7483c5d154f6607bb908d420cc38eb8d

Sharing

Copy URL Twitter E-mail

General

Target

7483c5d154f6607bb908d420cc38eb8d
Size

464KB
MD5

7483c5d154f6607bb908d420cc38eb8d
SHA1

5c3f4ee94087dbc62f3f9244d294b25a2f2442bb
SHA256

34ba50a130fec2d8403cb1d46a6e806cb32655e7a0fc3767aead96f656d05624
SHA512

262d89aa127430cbe56ec0fbd37698731c33faf23503617ec83bbe0d6abed9ca05ed529592f36b2832e1fa5d9659a77aafe9cc7ea96bce788654d08f16f12172
SSDEEP

3072:RH///7vWwqmxdUnQ/QL4V/cN3oKSrErRPMNwegz0rixlTECtVF:RfbvuFyQsJcmKSrEO+l3R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7483c5d154f6607bb908d420cc38eb8d

Files

7483c5d154f6607bb908d420cc38eb8d
.exe windows:6 windows x64 arch:x64

4c4d2e2436703d49c3b3c5732e984171

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-core-namedpipe-l1-1-0

CreatePipe

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineW
GetCommandLineA
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionAndSpinCount
WaitForSingleObject
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection

api-ms-win-core-processthreads-l1-1-0

TlsFree
TlsSetValue
TlsGetValue
ExitProcess
GetExitCodeProcess
TlsAlloc

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-file-l1-1-0

WriteFile
FindClose
FindFirstFileExW
SetFilePointerEx
FindNextFileW
ReadFile
CreateFileW
FlushFileBuffers
GetFileType

api-ms-win-core-localization-l1-2-0

FormatMessageW
GetCPInfo
IsValidCodePage
GetOEMCP
LCMapStringW
GetACP

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapSize
HeapReAlloc
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

RaiseException
GetLastError
SetLastError

api-ms-win-core-console-l2-1-0

SetConsoleTitleW

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
LoadLibraryExW
GetProcAddress
FreeLibrary
GetModuleFileNameW

kernel32

GetCurrentThreadId
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InitializeSListHead
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
GetCurrentProcessId
QueryPerformanceCounter

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwindEx
RtlPcToFileHeader

api-ms-win-core-util-l1-1-0

EncodePointer

api-ms-win-core-string-l1-1-0

GetStringTypeW
CompareStringW
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-console-l1-1-0

WriteConsoleW
GetConsoleCP
SetConsoleMode
ReadConsoleInputW
ReadConsoleW
GetConsoleMode

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c4d2e2436703d49c3b3c5732e984171

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-core-namedpipe-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-console-l2-1-0

api-ms-win-core-libraryloader-l1-2-0

kernel32

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-console-l1-1-0

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 6KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 283KB - Virtual size: 282KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 6KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 283KB - Virtual size: 282KB

.reloc
Size: 2KB - Virtual size: 1KB