96ecdf99e0d2da5ad9a2c6dbcd0b500b

Sharing

Copy URL Twitter E-mail

General

Target

96ecdf99e0d2da5ad9a2c6dbcd0b500b
Size

32KB
MD5

96ecdf99e0d2da5ad9a2c6dbcd0b500b
SHA1

da57c1ffd56bcdc3b33c8621cdbc5cbabdc3b5a3
SHA256

46100e297494597953fb078f08835e6aba8b0964caa4872ddbb7c572befc2a4b
SHA512

15b4297b057dd6c7258f18dec239bb148302274f622d127ed667b6b6c415407c083ad762cfba214a8e2172708bb1f168787e94f595ae5a7f131a1da107306423
SSDEEP

768:RKeH7LnBACqZK9gQPe1kDyZonXQV+jE5SHIYXGdMr6Bg/RK7ctWnoZyqx8b2NIH/:RVH7LaCqoLM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96ecdf99e0d2da5ad9a2c6dbcd0b500b

Files

96ecdf99e0d2da5ad9a2c6dbcd0b500b
.exe windows:5 windows x86 arch:x86

825f3018c77bd1057cef623c349a581a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\с++ project\WinApi\host-testing\Release\host-testing.pdb

Imports

kernel32

GetSystemDirectoryA
CreateDirectoryA
SetFileAttributesA
MoveFileA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcp90

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

msvcr90

_adjust_fdiv
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
exit
_exit
_cexit
__getmainargs
_amsg_exit
??2@YAPAXI@Z
__p__commode
_XcptFilter
__CxxFrameHandler3
memset

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.l1fer
Size: 138B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

825f3018c77bd1057cef623c349a581a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcp90

msvcr90

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 908B

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 2KB - Virtual size: 1KB

.l1fer Size: 138B - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 908B

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 2KB - Virtual size: 1KB

.l1fer
Size: 138B - Virtual size: 4KB