2be8e9c573ee93913040668920f77594

Sharing

Copy URL Twitter E-mail

General

Target

2be8e9c573ee93913040668920f77594
Size

269KB
MD5

2be8e9c573ee93913040668920f77594
SHA1

d1d2bf2efd9822d4951972baa2bf2921510d42e4
SHA256

b1eb6309932ed98aa75ba1220925b98542ddfa48e3a99758b81813c95d1e4456
SHA512

614b66f78948e2abf9dbe89eaf7b488a2d12fc2faf4a09b29afd457bc2976b120412bbd85cbf5e3ab968662d1bc6bc7f7e8601c50a79f9e0ddc4d63105134f16
SSDEEP

6144:6PQwgMsDR9LLasWJeYOcz1z7alp542kliRF7eoFKN3X:uIMsereYVz1zXSq13X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2be8e9c573ee93913040668920f77594

Files

2be8e9c573ee93913040668920f77594
.exe windows:6 windows x86 arch:x86

6f40c213a97ec20e6bc3769a1e7ba4c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LocalFree
WideCharToMultiByte
FindFirstFileA
FindClose
GetModuleHandleA
GetFileAttributesA
CloseHandle
GetModuleFileNameA
CopyFileA
LoadLibraryW
GetUserDefaultLangID
GetLastError
CreateSemaphoreA
GetProcAddress
ReadFile
CreateFileA
GetFileSize
OpenProcess
IsProcessorFeaturePresent
GlobalMemoryStatusEx
WriteFile
SetFilePointer
CreateFileMappingA
MapViewOfFile
GetTickCount
CreateFileW
GlobalAlloc
LoadLibraryA
DecodePointer
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
WaitForSingleObjectEx
Sleep
GetExitCodeThread
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
ReleaseSRWLockExclusive
WakeAllConditionVariable
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwind
RaiseException
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleFileNameW
GetStdHandle
HeapFree
HeapAlloc
MultiByteToWideChar
LCMapStringW
DeleteFileW
GetFileType
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapSize
HeapReAlloc
WriteConsoleW

advapi32

GetCurrentHwProfileA

ole32

CreateStreamOnHGlobal

Sections

.text
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f40c213a97ec20e6bc3769a1e7ba4c0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

Sections

.text Size: 198KB - Virtual size: 197KB

.rdata Size: 55KB - Virtual size: 54KB

.data Size: 3KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 198KB - Virtual size: 197KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 3KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 12KB - Virtual size: 11KB