b48feb0655696199bd5e1c2d30e6fbe4

Sharing

Copy URL Twitter E-mail

General

Target

b48feb0655696199bd5e1c2d30e6fbe4
Size

49KB
MD5

b48feb0655696199bd5e1c2d30e6fbe4
SHA1

35dd40c99cef79be0a232b114a4f63ad8feb55c2
SHA256

2e1c563846293a88b88c90d2d42e3f302bfd1bc3f08ff12878c5d25837e693cc
SHA512

c795193875deb86790997557d3ecaa23c4cf02191738c21b0cb9ad9650c697a7f9c3d267f9bf5154f5014d9dc2b2cd0f3ff74543c8a81b84dba3cf35025e147f
SSDEEP

768:EFK5E5En92Rt/5/5rxrPP3lLuzZPKqpU0XDgy3:2y2TtNxrPP3lLuBZpLDgy3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b48feb0655696199bd5e1c2d30e6fbe4

Files

b48feb0655696199bd5e1c2d30e6fbe4
.exe windows:4 windows x86 arch:x86

73fd0635f51f2bba9e5c8a1b6459e5ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetUnhandledExceptionFilter
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_strdup
_stricoll
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_fpreset
_fullpath
_iob
_isctype
_onexit
_pctype
_setmode
abort
atexit
calloc
free
fwrite
localtime
malloc
mbstowcs
memcpy
realloc
setlocale
signal
strcmp
strcoll
strcpy
strftime
strlen
time
tolower
vfprintf
wcstombs

user32

CallNextHookEx
FindWindowA
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetMessageA
GetWindowTextA
GetWindowThreadProcessId
MapVirtualKeyExA
MessageBoxA
SetWindowsHookExA
ShowWindow
UnhookWindowsHookEx

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

libstdc++-6

_ZNSo5flushEv
_ZNSolsEi
_ZNSt14basic_ofstreamIcSt11char_traitsIcEE4openEPKcSt13_Ios_Openmode
_ZNSt14basic_ofstreamIcSt11char_traitsIcEEC1Ev
_ZNSt14basic_ofstreamIcSt11char_traitsIcEED1Ev
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZSt4cout
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_c

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 400B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 512B - Virtual size: 303B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73fd0635f51f2bba9e5c8a1b6459e5ed

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

libgcc_s_dw2-1

libstdc++-6

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 28B

.rdata Size: 1024B - Virtual size: 944B

/4 Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 400B

.idata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

/14 Size: 512B - Virtual size: 56B

/29 Size: 7KB - Virtual size: 7KB

/41 Size: 512B - Virtual size: 303B

/55 Size: 512B - Virtual size: 456B

/67 Size: 512B - Virtual size: 56B

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 28B

.rdata
Size: 1024B - Virtual size: 944B

/4
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 400B

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

/14
Size: 512B - Virtual size: 56B

/29
Size: 7KB - Virtual size: 7KB

/41
Size: 512B - Virtual size: 303B

/55
Size: 512B - Virtual size: 456B

/67
Size: 512B - Virtual size: 56B