7abceb9e398c26459df7555603abfc23

Sharing

Copy URL Twitter E-mail

General

Target

7abceb9e398c26459df7555603abfc23
Size

48KB
MD5

7abceb9e398c26459df7555603abfc23
SHA1

46aea7687de1b5644eeb05e0fa09b16dbd8a4493
SHA256

e7a16b7c892355ff7cfbf5b9278051389f715adc91c7423e6fe4482b84947d80
SHA512

c4b33da9ee81917d90d5c506f5669eeaabc4bc7e1ec5b9a3d1914f37acddc0020ba1b9c3170f1194c6a2966bab1934ae54889e48830bda24c35887451e8c0063
SSDEEP

768:FRiV7pvtILwx1hIcieFeIm9e8MyARNQvCy4k3+A3RuLT+V7RIn4Y/dNKez:f+YLYXIKYMpQGkNmlMe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7abceb9e398c26459df7555603abfc23

Files

7abceb9e398c26459df7555603abfc23
.exe windows:4 windows x86 arch:x86

265de66773c2f631828f7797a11b28c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCommandLineA
FlushConsoleInputBuffer
GetLogicalDriveStringsA
GetUserGeoID
GetConsoleWindow
PostQueuedCompletionStatus
GetModuleHandleA
ReadConsoleA
SetConsoleKeyShortcuts
GetConsoleAliasExesLengthA
Module32Next
EndUpdateResourceA
UnlockFileEx
FlushFileBuffers
SetVolumeLabelA
GetTapePosition
HeapCreate
IsBadStringPtrA
GetThreadPriorityBoost
FormatMessageA
UnregisterWait
GetConsoleAliasesA
Process32Next
ProcessIdToSessionId
WriteProfileStringA
ChangeTimerQueueTimer
RegisterWaitForSingleObject
CreatePipe
SignalObjectAndWait
GetModuleFileNameA
GetCommTimeouts
WaitForSingleObject
CompareFileTime
FlushViewOfFile
GetConsoleFontInfo
ReadConsoleOutputCharacterA
ClearCommError
UnregisterWaitEx
GetVolumeNameForVolumeMountPointA
GetLocaleInfoA
GetDllDirectoryA
GetDateFormatA
HeapFree
GetSystemTime
IsBadWritePtr
GetExitCodeProcess
lstrcmpiA
OpenProcess
GetTempFileNameA
GlobalLock
GetFileType
VirtualProtect
WaitForMultipleObjects
ExitVDM
GetCurrentConsoleFont
Heap32First
TransmitCommChar
VirtualAlloc
OpenEventA
WriteProcessMemory
GetShortPathNameA
UpdateResourceA
WriteConsoleOutputCharacterA
GetThreadLocale
CloseHandle
GetSystemDirectoryA
EnumUILanguagesA
TerminateThread
GetCurrentThreadId
WinExec
Process32First
GetCalendarInfoA
LZOpenFileA
SetTapeParameters
HeapQueryInformation
GetCommTimeouts
GetNamedPipeHandleStateA
GetCurrentDirectoryA
GetWindowsDirectoryA
SetFilePointerEx
OpenEventA
IsSystemResumeAutomatic
FindNextVolumeA
WriteConsoleOutputCharacterW
SignalObjectAndWait
IsDebuggerPresent
IsBadCodePtr
GetExitCodeThread
EndUpdateResourceA
FindNextVolumeMountPointA
GetPrivateProfileSectionA
CopyFileExW
HeapDestroy
GetComputerNameA
SetMessageWaitingIndicator
WriteConsoleInputA
HeapFree
GetFileAttributesExA
RemoveDirectoryA
GetCurrentThread
GetFileInformationByHandle
GetLogicalDrives
WriteConsoleOutputA

advapi32

InitializeSid

ntdll

RtlGetLastWin32Error

Sections

CODE
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

265de66773c2f631828f7797a11b28c5

Headers

File Characteristics

Imports

kernel32

advapi32

ntdll

Sections

CODE Size: 11KB - Virtual size: 12KB

DATA Size: 7KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.tls Size: - Virtual size: 4KB

.rsrc Size: 23KB - Virtual size: 24KB

.reloc Size: 2KB - Virtual size: 4KB

CODE
Size: 11KB - Virtual size: 12KB

DATA
Size: 7KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.tls
Size: - Virtual size: 4KB

.rsrc
Size: 23KB - Virtual size: 24KB

.reloc
Size: 2KB - Virtual size: 4KB