8a89671224434cf041116884213d7166

Sharing

Copy URL Twitter E-mail

General

Target

8a89671224434cf041116884213d7166
Size

4.4MB
MD5

8a89671224434cf041116884213d7166
SHA1

db0d72b93ed4483075d51f278767f63787df1990
SHA256

b6c20b3a2c6ecd2f50faf45c41218417dadfadc6b4230ca7c8fd1e4439d1046e
SHA512

9ef14867e40bb891ffdebae1bf67517fb15101dd01b962814bbf25dc72bae4406ecc0048595ac44af7336efb55fff4233b0bfdcccac3dd08ae3299e110f23d62
SSDEEP

98304:hv1Ien0lEuPLzWdMA0ZHlBWxO9ujyb1U6h3b:34kMAYl8xO9cwb

Score

1^/10

Malware Config

Signatures

Files

8a89671224434cf041116884213d7166
.exe windows:5 windows x86 arch:x86

2617ed69d5fa8c0972283727d551e89d

Code Sign

56:c8:ba:e2:4e:6c:61:38:86:68:76:a3:c4:1f:46:52
Certificate

Issuer

POSTALCODE=10200

Not Before

01/09/2021, 19:08

Not After

01/09/2022, 19:08

Subject

POSTALCODE=10200

45:8d:c3:1e:56:d6:7f:ce:41:76:42:31:ff:1e:ab:a5:0b:c8:8d:e4:cf:02:f9:ed:a2:a0:c4:b0:1e:a6:7e:0a
Signer

Actual PE Digest

45:8d:c3:1e:56:d6:7f:ce:41:76:42:31:ff:1e:ab:a5:0b:c8:8d:e4:cf:02:f9:ed:a2:a0:c4:b0:1e:a6:7e:0a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\gasavowozud zoduk_kuseyo.pdb

Imports

kernel32

SetLocalTime
InterlockedIncrement
ReadConsoleA
InterlockedDecrement
GetCurrentProcess
GetSystemWindowsDirectoryW
SetEnvironmentVariableW
GetEnvironmentStringsW
GetUserDefaultLCID
WaitForSingleObject
AddConsoleAliasW
SetVolumeMountPointW
EnumCalendarInfoExW
WriteFile
GetUserDefaultLangID
GetEnvironmentStrings
GlobalAlloc
SwitchToFiber
WriteConsoleOutputA
LeaveCriticalSection
PulseEvent
FindNextVolumeW
VerifyVersionInfoA
HeapQueryInformation
GetModuleFileNameW
GetACP
LCMapStringA
GetConsoleOutputCP
GetProcAddress
GetComputerNameExW
VerLanguageNameA
CreateTimerQueueTimer
HeapUnlock
GetDefaultCommConfigA
GetModuleHandleA
QueueUserWorkItem
GetConsoleTitleW
PeekConsoleInputA
GetCPInfoExA
EndUpdateResourceA
GetVersionExA
ReadConsoleInputW
lstrcpynW
GetCommandLineW
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
HeapFree
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
HeapSize
FreeEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetOEMCP
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleA
WriteConsoleW
SetStdHandle
CreateFileA

user32

RealGetWindowClassW

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2617ed69d5fa8c0972283727d551e89d

Code Sign

56:c8:ba:e2:4e:6c:61:38:86:68:76:a3:c4:1f:46:52Certificate

45:8d:c3:1e:56:d6:7f:ce:41:76:42:31:ff:1e:ab:a5:0b:c8:8d:e4:cf:02:f9:ed:a2:a0:c4:b0:1e:a6:7e:0aSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 29.1MB

.rsrc Size: 83KB - Virtual size: 83KB

56:c8:ba:e2:4e:6c:61:38:86:68:76:a3:c4:1f:46:52
Certificate

45:8d:c3:1e:56:d6:7f:ce:41:76:42:31:ff:1e:ab:a5:0b:c8:8d:e4:cf:02:f9:ed:a2:a0:c4:b0:1e:a6:7e:0a
Signer

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 29.1MB

.rsrc
Size: 83KB - Virtual size: 83KB