801da5c48f84dfe0f993bfc365cd0d39

General

Target

801da5c48f84dfe0f993bfc365cd0d39
Size

8KB
MD5

801da5c48f84dfe0f993bfc365cd0d39
SHA1

550512957841e4c8683c49f1be9bca51435dbf55
SHA256

e6e413e454adbed5403921f59c7f4212b8f01443c736d3e7d7ea9ed07b374f16
SHA512

18885d3a9e36818a89fa23bf191e0dbb06d50ec5756b06310608d33b8da0bccf95a8d61209d1cc39b60059fe80b3bdad63917f7ea558d01f9b72d33fd1d075d1
SSDEEP

96:M4E9o3ZieeKLdvRD2a4DbDckQ41ackQ41LJ9SzruVABG6aDCtVmh:koZ/43D/11a/11V9SzruVQG6aaVm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
801da5c48f84dfe0f993bfc365cd0d39

Files

801da5c48f84dfe0f993bfc365cd0d39
.exe windows:5 windows x86 arch:x86

0c49326be1ae7706530912f7e92fd84b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
VirtualAlloc
CreateThread
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EncodePointer
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr100

?terminate@@YAXXZ
_crt_debugger_hook
__dllonexit
_lock
_onexit
_except_handler4_common
_invoke_watson
_controlfp_s
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
exit
strncpy_s
_unlock

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 438B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c49326be1ae7706530912f7e92fd84b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcr100

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 900B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 512B - Virtual size: 438B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 900B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 512B - Virtual size: 438B