9c5834727679e4a2386f06f17fa366ef

Sharing

Copy URL Twitter E-mail

General

Target

9c5834727679e4a2386f06f17fa366ef
Size

780KB
MD5

9c5834727679e4a2386f06f17fa366ef
SHA1

9a4dc383a9087b599410b98e41123123ed34a83a
SHA256

98ae39891e6612f0f93a40d34fde0f7af6df813f5e6bbd1b73462ac2ec31e68f
SHA512

e6d39c00bdf198169abc4ff7f71c3220495e51ede27f334ccbe9594988955a0840bbc86d5d824114e598ca5d6b2e26b2754679d9b312f45aa78885882986a349
SSDEEP

12288:tRRQFO6k8yjCNqjfc4AnAMmM60u9gi9kmoXR+hyYVROHWIrt/57cJhpES3K:jRQFOeyjtYbnZb3jXyyYVR6lSj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c5834727679e4a2386f06f17fa366ef

Files

9c5834727679e4a2386f06f17fa366ef
.exe windows:4 windows x86 arch:x86

331cf13f8eb261e1732788e7813a6785

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\felix\Desktop\DesktopMüll\GV - Hax4Ever - MWF2 SKillz\stubo\Debug\stub.pdb

Imports

kernel32

LoadResource
FindResourceA
GetTickCount
GetModuleFileNameA
GetProcAddress
LoadLibraryA
ResumeThread
SetThreadContext
GetThreadContext
VirtualAllocEx
CreateProcessA
FreeLibrary
RaiseException
HeapValidate
IsBadReadPtr
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
DebugBreak
WideCharToMultiByte
IsDebuggerPresent
MultiByteToWideChar
lstrlenA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetModuleFileNameW
GetLastError
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
ExitProcess
GetACP
GetOEMCP
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetCurrentThread
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
VirtualQuery
InitializeCriticalSection
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
SetConsoleCtrlHandler
LoadLibraryW
RtlUnwind
InterlockedExchange
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA
CloseHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.textbss
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 360KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 344KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 806B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

331cf13f8eb261e1732788e7813a6785

Headers

File Characteristics

PDB Paths

Imports

kernel32

Sections

.textbss Size: - Virtual size: 168KB

.text Size: 360KB - Virtual size: 358KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 344KB - Virtual size: 351KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 806B

.textbss
Size: - Virtual size: 168KB

.text
Size: 360KB - Virtual size: 358KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 344KB - Virtual size: 351KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 806B