342835de23320b316e108d9af44d362a28d3624d86aca2ffdc892cb2406aad6a

Sharing

Copy URL

Twitter E-mail

General

Target

342835de23320b316e108d9af44d362a28d3624d86aca2ffdc892cb2406aad6a
Size

31KB
MD5

3e9eb4d74e8b2d1f45fd0fd01396d766
SHA1

4459d14f50e76890f9946a0647522301547e379c
SHA256

342835de23320b316e108d9af44d362a28d3624d86aca2ffdc892cb2406aad6a
SHA512

f91e0b9475f3754f709264175817f1ec7e15534eaf573b094a2c7dc678ccd36448a90f9fe05b69da0414605809231ebf5c057ecf6872b50730c579d1fabeb96d
SSDEEP

768:sXCHwTFiQN7rofeNmhQ2BW1Y6eyDDRrPoA/x:5HwJdro2NmpWW6Vhog

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
342835de23320b316e108d9af44d362a28d3624d86aca2ffdc892cb2406aad6a

Files

342835de23320b316e108d9af44d362a28d3624d86aca2ffdc892cb2406aad6a
.exe windows:6 windows x64 arch:x64

7d038de470942643711af53591e8c975

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

OpenServiceA

api-ms-win-crt-convert-l1-1-0

wcstombs

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-runtime-l1-1-0

exit

api-ms-win-crt-stdio-l1-1-0

_set_fmode

api-ms-win-crt-string-l1-1-0

tolower

msvcp140

?good@ios_base@std@@QEBA_NXZ

ole32

CoInitializeEx

oleaut32

SysAllocString

rpcrt4

NdrClientCall3

shell32

ShellExecuteW

user32

ShowWindow

vcruntime140

wcsstr

vcruntime140_1

__CxxFrameHandler4

wininet

InternetOpenW

Sections

.MPRESS1
Size: 19KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7d038de470942643711af53591e8c975

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

msvcp140

ole32

oleaut32

rpcrt4

shell32

user32

vcruntime140

vcruntime140_1

wininet

Sections

.MPRESS1 Size: 19KB - Virtual size: 80KB

.MPRESS2 Size: 4KB - Virtual size: 4KB

.rsrc Size: 7KB - Virtual size: 6KB

.MPRESS1
Size: 19KB - Virtual size: 80KB

.MPRESS2
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 7KB - Virtual size: 6KB