8abf9d23ea53aaf52c9fdb9e722a0498

Sharing

Copy URL Twitter E-mail

General

Target

8abf9d23ea53aaf52c9fdb9e722a0498
Size

348KB
MD5

8abf9d23ea53aaf52c9fdb9e722a0498
SHA1

74a8b9c2e2623534a69eedb386529e4a3abb5314
SHA256

e204364261541d1effe443dc914e36ae4ac3152d03e62effa224e8d9b25bca28
SHA512

d3fa6b823e77041badd1b603f72ac0446bb2101b61cbdec8a1173b427709288f20e39ecfc1bc9925c6513c105ae82a11c98661e6de0b7e4cbed12f70acadb990
SSDEEP

6144:GQVXWs6dDeXdGDUUqhxSir+McGanR+F9m7ojDuUlZt:LIDYcMhZr7ap7eDuUlZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8abf9d23ea53aaf52c9fdb9e722a0498

Files

8abf9d23ea53aaf52c9fdb9e722a0498
.exe windows:4 windows x86 arch:x86

da96f7b5437fd50453439a668a5c9ca3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
GetFileAttributesA
GetFullPathNameA
GetModuleHandleA
GetLastError
GetCurrentDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
GetTickCount
GetCurrentThreadId
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GetCurrentProcess
GetProcAddress
SetLastError
GetCommandLineA
Sleep
lstrcpynA
lstrcpyA
LocalFree
FormatMessageA
SetThreadPriority
GetCurrentThread
CloseHandle
GetFileSize
CreateFileA
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathA
OutputDebugStringA
WriteFile
GetUserDefaultLangID
GetVersionExA
GetEnvironmentVariableA
GetShortPathNameA
GetSystemDirectoryA
GetLocaleInfoA
GetSystemDefaultLangID
TerminateProcess
OpenProcess
HeapAlloc
GetProcessHeap
HeapFree
GlobalFree
GlobalAlloc
WaitForSingleObject
GetStartupInfoA
MultiByteToWideChar
DeleteFileA
lstrcmpA
FlushFileBuffers
GetDriveTypeA
lstrcatA
MoveFileA
CompareFileTime
GetFileTime
OpenFile
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateMutexA
OpenMutexA
ReleaseMutex
lstrlenA
LocalAlloc
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
ReadFile
SetFilePointer
SetEndOfFile
lstrcmpiA
TlsAlloc
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
GlobalFindAtomA
GlobalGetAtomNameA
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
RaiseException
SetStdHandle
GetFileType
GetACP
HeapSize
HeapReAlloc
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rivuwgs
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da96f7b5437fd50453439a668a5c9ca3

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 64KB - Virtual size: 143KB

.rsrc Size: 64KB - Virtual size: 64KB

rivuwgs Size: - Virtual size: 4KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 64KB - Virtual size: 143KB

.rsrc
Size: 64KB - Virtual size: 64KB

rivuwgs
Size: - Virtual size: 4KB