C:\bimifokaguz\zomizizedidid\yibixayuh\mupifahi27_xawo_mox.pdb
Static task
static1
General
Target
987123.exe
Size
288KB
MD5
f33ee068a842d9f05958d94bfe854898
SHA1
148e00b29d757e6f7569a9611fef4ecebc5b0ebf
SHA256
80bf6ec459fae7ecaff490640d7f44f4099d1c009dce7ae60b831eff3f046204
SHA512
49d49a145eadad5bb69c3fb0118ee892621e7cd9a636a194b17f05ee9fca995109989a428d9b10933b8e9a6287868b8a26d8d1c43b59045b8e4076223d9198bf
SSDEEP
6144:SvFJmC64J/oBO7j3VXlbBbQOg/8BDfUsT:SvFJmETv9l1Og
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 987123.exe
Files
987123.exe.exe windows:5 windows x86 arch:x86
0af8560cfad62a70e1f6684099ea52da
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
ReadConsoleA
AddConsoleAliasW
GetComputerNameW
GetTimeFormatA
GetFileAttributesExA
GetTickCount
GenerateConsoleCtrlEvent
FindNextVolumeMountPointA
GetConsoleTitleA
ReadConsoleW
GetConsoleAliasExesW
CreateDirectoryExW
GlobalAlloc
GlobalFindAtomA
LoadLibraryW
GetLocaleInfoW
ReadConsoleInputA
GetConsoleAliasW
FlushFileBuffers
InterlockedIncrement
SetLastError
GetProcAddress
VirtualAlloc
SetStdHandle
GetTempFileNameA
LoadLibraryA
WriteConsoleA
GetNumberFormatW
RemoveDirectoryW
GetModuleHandleA
GetVersionExA
GetVolumeInformationW
CreateThread
CloseHandle
SetComputerNameExA
GetConsoleAliasExesLengthA
GetLastError
CreateFileA
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
HeapFree
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
VirtualFree
HeapReAlloc
HeapCreate
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
user32
CharUpperBuffA
GetAltTabInfoA
LoadKeyboardLayoutA
GetMenu
gdi32
StretchDIBits
advapi32
RegSetValueA
Sections
.text Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 22.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ