7e2ed60c7c6b658ec9df4879ce245aee

General

Target

7e2ed60c7c6b658ec9df4879ce245aee
Size

11KB
MD5

7e2ed60c7c6b658ec9df4879ce245aee
SHA1

b23de53ca66dce724d83dd225040ec6ae189a4bc
SHA256

f1cefe8a3a6f283d40bc09e6405c241140506511134a81f2c9a2d1a04a7b55b1
SHA512

eaab48efe3c937d430b7556a821c42b8528b1419c07e6d1f4c795e2b790c2bc35cdf5b329b5b0ed2b4364b2eb3742e3c305a14ebc5fe197ab5e74fcde8f075bf
SSDEEP

192:02Wuiv1yqS1Hpz98IJeVT4myUWow8f2Y:02W1NGphh2Tlynv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e2ed60c7c6b658ec9df4879ce245aee

Files

7e2ed60c7c6b658ec9df4879ce245aee
.exe windows:5 windows x86 arch:x86

68d088a99291ed37255fb0f2f666a541

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
VirtualProtect
LoadLibraryExA
FormatMessageW
GetLastError
GetProcAddress
LocalFree
DebugBreak
LoadLibraryExW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
FreeLibrary
TlsFree
TlsSetValue
TlsAlloc

user32

MessageBoxW

api-ms-win-crt-runtime-l1-1-0

exit
_controlfp_s
_get_wide_winmain_command_line
_initialize_wide_environment
_configure_wide_argv
_set_app_type

api-ms-win-crt-heap-l1-1-0

free
malloc
_set_new_mode
realloc

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

shlwapi

PathCombineA

api-ms-win-crt-string-l1-1-0

memset
wcsncmp

Sections

.sbss
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68d088a99291ed37255fb0f2f666a541

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

shlwapi

api-ms-win-crt-string-l1-1-0

Sections

.sbss Size: - Virtual size: 2.4MB

.data Size: 512B - Virtual size: 368B

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.sbss
Size: - Virtual size: 2.4MB

.data
Size: 512B - Virtual size: 368B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB