0976c4b24a6fe9a6af3dbb36b53d06614df2acc12a5ec329c7d3a4a87dc6be84

Sharing

Copy URL Twitter E-mail

General

Target

0976c4b24a6fe9a6af3dbb36b53d06614df2acc12a5ec329c7d3a4a87dc6be84
Size

221KB
MD5

be912fff4952d991a7abb85d3ed6f244
SHA1

5dfec1c73f82726a07a39067659b30e6fb3419c7
SHA256

0976c4b24a6fe9a6af3dbb36b53d06614df2acc12a5ec329c7d3a4a87dc6be84
SHA512

4e254cc45a2e3d968a38a1cbec931c7ea7f5bdbd4da84b73f292ad9559734c65d658d2c309fbede6e04207548e66f6794204ec771b3f3d12f322799d71598766
SSDEEP

3072:hvTiJQepu4he4l6Yjyb453JwmuRljmScpBl9PLa3d+EIeHEjktcv1oKGys85fCpd:hiAWOy3JwHRlinBl9PLBgWCpd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0976c4b24a6fe9a6af3dbb36b53d06614df2acc12a5ec329c7d3a4a87dc6be84

Files

0976c4b24a6fe9a6af3dbb36b53d06614df2acc12a5ec329c7d3a4a87dc6be84
.exe windows:5 windows x86 arch:x86

40f389cd89deac0771134a6688b7ea0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\t70\work\shibiesx\Release\shibiesx.pdb

Imports

kernel32

GetModuleFileNameW
CreateFileA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RaiseException
GetConsoleMode
GetConsoleCP
SetFilePointer
SetEnvironmentVariableA
CompareStringW
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapValidate
IsBadReadPtr
GetLastError
GetFileAttributesA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
Sleep
InterlockedIncrement
InterlockedDecrement
GetProcAddress
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
WriteFile
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
WideCharToMultiByte
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
CompareStringA
FlushFileBuffers

user32

MessageBoxW

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40f389cd89deac0771134a6688b7ea0f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 13KB - Virtual size: 13KB