8ddd1d9ad9b954d780e5e6046d1cb613

General

Target

8ddd1d9ad9b954d780e5e6046d1cb613
Size

128KB
MD5

8ddd1d9ad9b954d780e5e6046d1cb613
SHA1

fb8e72ab9688dab1c6fc39748c974ef7fc9676d4
SHA256

daaf67000b91f03c7ee6b447070eecd6d828f425abc266a7d7869f5dac88e7d9
SHA512

06b10ab1ff1681c52578e4ca79d7ef950a09698b160108b1afd4b8230f1686c1e355dcd754b36cbddbeeb05294e571623309e50efc5235c8cbbddd59fc45ba30
SSDEEP

3072:DKjD2c7ObcHyA4pskP4bc0XMLVtEyXT6uJTL7:DKjNMfskgIbT6kTL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ddd1d9ad9b954d780e5e6046d1cb613

Files

8ddd1d9ad9b954d780e5e6046d1cb613
.exe windows:4 windows x86 arch:x86

51bf63c6d915f56510d11604afffc472

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ChangeTimerQueueTimer
RemoveDirectoryA
FindAtomA
GetDllDirectoryA
SetFileApisToOEM
GlobalSize
GetSystemDirectoryA
GetCurrentThreadId
GetLocalTime
GetCurrentDirectoryA
OpenSemaphoreA
VirtualAlloc
DeleteTimerQueueEx
GetTimeZoneInformation
GetDefaultCommConfigA
GetTimeFormatA
WideCharToMultiByte
GetConsoleAliasExesA
CopyFileExA
SetLastError
SetVolumeLabelA
GetConsoleCursorInfo
IsValidLocale
ReleaseSemaphore
ResetEvent
SetFileAttributesA
GetModuleHandleA
GetLocaleInfoA
WriteConsoleOutputA
GetBinaryTypeA
GetConsoleInputExeNameA
GetVolumeInformationA
GetPrivateProfileIntA
GetDriveTypeA
GetProcessIoCounters
AddAtomA
GetTempPathA
GetSystemWindowsDirectoryA
ClearCommError
IsBadReadPtr
GetConsoleAliasExesLengthW
SetConsoleNumberOfCommandsA
GetCommMask
ReadConsoleOutputCharacterA
VirtualProtect
HeapSize
GetCommModemStatus
InterlockedDecrement
CreateFileMappingW
lstrcmpiA
CancelTimerQueueTimer
GetConsoleMode
SetLocaleInfoA
GetEnvironmentVariableA
ReadConsoleA
SetThreadExecutionState
GetEnvironmentStringsA
ShowConsoleCursor
WaitForMultipleObjects
GetVolumePathNamesForVolumeNameA
OpenThread
GlobalHandle
LoadLibraryExA
UnlockFile
EnumUILanguagesA
lstrlenA
ReadConsoleOutputCharacterA
GetSystemDefaultLangID
GetProcessPriorityBoost

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeBeginPeriod
timeGetTime

Sections

.idata
Size: - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 116KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51bf63c6d915f56510d11604afffc472

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 380B

.text Size: 116KB - Virtual size: 392KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 380B

.text
Size: 116KB - Virtual size: 392KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB