7e3cb6bf4000e17ada2121b84b63ddc1

Sharing

Copy URL Twitter E-mail

General

Target

7e3cb6bf4000e17ada2121b84b63ddc1
Size

201KB
MD5

7e3cb6bf4000e17ada2121b84b63ddc1
SHA1

3d9d09e4603b89913b0eca604021df3c49b4aa31
SHA256

439c74d75423ffb0071e342f248c48567f50f50e1f836ae119f5db1387147188
SHA512

0989ca525843ca03ebfb32b1f000307e7be9674b7453c7a8724f2206028e9ecc04b9f2ef130639858041d37a2b7a11d7e9b1e23197f22bb0e95f9d6f75291ebf
SSDEEP

3072:do15XXcdx7lnKxDJ0JLJDwXvf/4lRsQj+MFzwbxbL1E:O158dxFKx2LyXv34lrFzAy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e3cb6bf4000e17ada2121b84b63ddc1

Files

7e3cb6bf4000e17ada2121b84b63ddc1
.exe windows:5 windows x86 arch:x86

266aa3b561e26e3b4d438fb26814163c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\dopaw\yuwomugisahomo\banix wekokasotocil\pofigovuyagabe_hu.pdb

Imports

kernel32

LeaveCriticalSection
CreateTapePartition
GetLongPathNameA
GetUserDefaultLangID
AddRefActCtx
GetCPInfoExW
WriteConsoleInputA
ReadConsoleInputW
GetConsoleAliasW
SetCommTimeouts
SetConsoleCP
VerifyVersionInfoA
WaitNamedPipeA
CreateMutexA
WriteConsoleW
GetLastError
CreateFileW
WritePrivateProfileSectionA
GetPrivateProfileSectionA
EnumDateFormatsExA
SetStdHandle
LoadLibraryA
IsDebuggerPresent
FindFirstVolumeW
ReadFile
BuildCommDCBW
FindActCtxSectionStringA
VerLanguageNameW
SetFileApisToANSI
WriteProcessMemory
RequestWakeupLatency
ResetEvent
Sleep
EndUpdateResourceW
GetCPInfo
SetConsoleCtrlHandler
EnumDateFormatsA
GenerateConsoleCtrlEvent
GetCurrentConsoleFont
AttachConsole
GetConsoleAliasesLengthW
ReadConsoleA
ZombifyActCtx
ReadConsoleOutputW
GetSystemWindowsDirectoryA
GetStringTypeW
BuildCommDCBAndTimeoutsA
HeapUnlock
HeapLock
GetAtomNameW
HeapReAlloc
HeapCompact
GetGeoInfoA
GetCurrentProcess
GetProcAddress
GetModuleHandleA
CreateThread
GetVersionExA
GetACP
ReleaseMutex
WaitForSingleObject
GetSystemPowerStatus
WriteConsoleOutputCharacterA
LocalAlloc
SetMailslotInfo
SetEnvironmentVariableW
GetFileAttributesExW
GetComputerNameW
CommConfigDialogA
GetConsoleWindow
PostQueuedCompletionStatus
SetFileApisToOEM
GetStringTypeA
GetDiskFreeSpaceW
SetConsoleTitleA
InitializeSListHead
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
RtlUnwind
HeapAlloc
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetStartupInfoA
HeapFree
TerminateProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
VirtualFree
VirtualAlloc
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
SetFilePointer
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetOEMCP
IsValidCodePage
GetLocaleInfoA
MultiByteToWideChar
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
CreateFileA
CloseHandle

advapi32

AdjustTokenGroups

Exports

Exports

@GetSecondVice@0

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

266aa3b561e26e3b4d438fb26814163c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 77KB

.data Size: 18KB - Virtual size: 4.4MB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 78KB - Virtual size: 77KB

.data
Size: 18KB - Virtual size: 4.4MB

.rsrc
Size: 104KB - Virtual size: 104KB