a378cd6296f7bfb37099ddd24070d4f8

Sharing

Copy URL Twitter E-mail

General

Target

a378cd6296f7bfb37099ddd24070d4f8
Size

6.1MB
MD5

a378cd6296f7bfb37099ddd24070d4f8
SHA1

f8552b3b10b13ca7d22b679c34fae520e3763286
SHA256

48e6cdb5b77338f3bc04bd1eb0a394b3a851250ac494b0197bf9721fc2857c83
SHA512

29d9be64f90bc46f8f5b57aa7a6330b33dd98731046db5588dda0e739feecf301b19bab1f9c6491a39e0569a7f10695aad447622ca83d9cc25230516153d005d
SSDEEP

98304:gwTc2hSFPl5d//7eEMxCRZ6i/Q2nV+FbBnSkC5T9KoBjpML3wnIjMHse4MwmMccj:gwpEHeslkCx5BjGsIjEwiVs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a378cd6296f7bfb37099ddd24070d4f8

Files

a378cd6296f7bfb37099ddd24070d4f8
.exe windows:5 windows x86 arch:x86

b8f97a6b33695042a97b7635b779e7bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\SurfRight\Producten\HitmanPro35\bin\x86\Release MT\HitmanPro36.pdb

Imports

kernel32

GetLastError
WaitForMultipleObjects
CreateEventW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
WaitForSingleObjectEx
CreateWaitableTimerW
SetWaitableTimer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
SignalObjectAndWait
TerminateThread
LocalAlloc
LocalFree
LoadLibraryW
GetProcAddress
QueryPerformanceFrequency
SetThreadPriority
GetCurrentThread
QueryPerformanceCounter
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
SystemTimeToFileTime
LocalFileTimeToFileTime
CompareFileTime
GetLocalTime
GetModuleHandleW
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
FileTimeToSystemTime
GetCalendarInfoW
InterlockedCompareExchange
GetWindowsDirectoryW
InterlockedDecrement
FormatMessageW
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetLocaleInfoW
SetLastError
InterlockedIncrement
GetTempPathW
RemoveDirectoryW
FindFirstFileW
FindNextFileW
FindClose
GetFileAttributesW
GetModuleHandleA
GetCurrentProcess
RegisterWaitForSingleObject
InterlockedExchange
UnregisterWaitEx
PeekNamedPipe
FlushFileBuffers
DisconnectNamedPipe
ReadFile
GetOverlappedResult
WriteFile
CreateFileW
WaitNamedPipeW
LoadLibraryA
GetComputerNameW
GetFileAttributesExW
GetFileTime
SetFileTime
GetVersion
ResumeThread
Sleep
GetCommandLineW
CreateProcessW
ConvertDefaultLocale
GetFileSizeEx
GetLogicalDriveStringsW
QueryDosDeviceW
GetSystemDirectoryW
SetThreadAffinityMask
GetTickCount
DeleteFileW
OpenProcess
GetModuleFileNameW
SetErrorMode
DeviceIoControl
GetCurrentThreadId
GetStdHandle
GetVolumeInformationW
GetFileSize
SetFileAttributesW
OutputDebugStringW
GetCurrentProcessId
TerminateProcess
GetVersionExW
FreeLibrary
GetSystemInfo
GetProcessTimes
GlobalAlloc
OpenEventW
AllocConsole
SetUnhandledExceptionFilter
SearchPathW
OpenThread
DuplicateHandle
CreateSemaphoreW
ReleaseSemaphore
GetNumberFormatW
SuspendThread
CopyFileW
SetHandleInformation
VirtualAlloc
VirtualFree
CreateNamedPipeW
ConnectNamedPipe
WideCharToMultiByte
MultiByteToWideChar
GetThreadPriority
ExpandEnvironmentStringsW
GetLongPathNameW
VirtualQueryEx
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
RaiseException
MoveFileW
GlobalFree
GetCurrentDirectoryW
GetCurrentDirectoryA
SetEndOfFile
SetFilePointerEx
FormatMessageA
GetFullPathNameW
GetFullPathNameA
CreateFileA
SetFilePointer
MapViewOfFile
UnmapViewOfFile
UnlockFile
LockFile
UnlockFileEx
GetFileAttributesA
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingW
GetDiskFreeSpaceA
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
ExitProcess
lstrlenA
UnhandledExceptionFilter
IsDebuggerPresent
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetFileType
GetConsoleCP
GetStartupInfoW
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
GetModuleFileNameA
HeapCreate
LCMapStringW
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetStartupInfoA
LCMapStringA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
VirtualLock
VirtualUnlock
Heap32ListNext
Heap32Next
Heap32First
Heap32ListFirst
Thread32Next
Thread32First
Process32Next
Process32First
Module32Next
Module32First
CreateToolhelp32Snapshot
GlobalMemoryStatus
VirtualQuery
VirtualProtect
GetThreadContext
SetThreadContext

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 440KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8f97a6b33695042a97b7635b779e7bf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 440KB - Virtual size: 440KB

.data Size: 52KB - Virtual size: 67KB

.rsrc Size: 4.4MB - Virtual size: 4.4MB

.reloc Size: 126KB - Virtual size: 126KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 440KB - Virtual size: 440KB

.data
Size: 52KB - Virtual size: 67KB

.rsrc
Size: 4.4MB - Virtual size: 4.4MB

.reloc
Size: 126KB - Virtual size: 126KB