9228be28429ea329404b2b9f1335f44066d493ee1dbd8d5080d03889e20ad979

Sharing

Copy URL Twitter E-mail

General

Target

9228be28429ea329404b2b9f1335f44066d493ee1dbd8d5080d03889e20ad979
Size

4.7MB
MD5

552b791420f23d9211b58f34fac708fd
SHA1

8884ce7cef85d902b053d89092bcb3636bc62337
SHA256

9228be28429ea329404b2b9f1335f44066d493ee1dbd8d5080d03889e20ad979
SHA512

d47e62d9ac490194a160b657b2ad148f1ae3a992dde74291de821cb19a12d4c912978602d17bcc7a30e8fd7be742354c903c21b00c4ac3738e74f2e6ac93751e
SSDEEP

49152:7SK7qVXfqTH1qgwJ8U6WwPY7mSK59zDdJLWWxboF5gtyCDMMQYJnlj9vW3oOZ/Y+:7S/VvUVqJsPYKxtboFx0MHi0ZgtG7bv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9228be28429ea329404b2b9f1335f44066d493ee1dbd8d5080d03889e20ad979

Files

9228be28429ea329404b2b9f1335f44066d493ee1dbd8d5080d03889e20ad979
.exe windows:5 windows x64 arch:x64

f2840be3e67e34224f9222b9bf5c6ad8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

msvcrt

__C_specific_handler

wtsapi32

WTSSendMessageW

user32

GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

Sections

.text
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2840be3e67e34224f9222b9bf5c6ad8

Headers

File Characteristics

Imports

kernel32

msvcrt

wtsapi32

user32

Sections

.text Size: - Virtual size: 8KB

.data Size: - Virtual size: 1KB

.rdata Size: - Virtual size: 2KB

.pdata Size: - Virtual size: 696B

.xdata Size: - Virtual size: 568B

.bss Size: - Virtual size: 2KB

.idata Size: - Virtual size: 2KB

.CRT Size: - Virtual size: 104B

.tls Size: - Virtual size: 16B

.vmp0 Size: - Virtual size: 3.1MB

.vmp1 Size: 4.7MB - Virtual size: 4.7MB

.text
Size: - Virtual size: 8KB

.data
Size: - Virtual size: 1KB

.rdata
Size: - Virtual size: 2KB

.pdata
Size: - Virtual size: 696B

.xdata
Size: - Virtual size: 568B

.bss
Size: - Virtual size: 2KB

.idata
Size: - Virtual size: 2KB

.CRT
Size: - Virtual size: 104B

.tls
Size: - Virtual size: 16B

.vmp0
Size: - Virtual size: 3.1MB

.vmp1
Size: 4.7MB - Virtual size: 4.7MB