b675cb44a115b19d516762378dd4bc75

Sharing

Copy URL Twitter E-mail

General

Target

b675cb44a115b19d516762378dd4bc75
Size

513KB
MD5

b675cb44a115b19d516762378dd4bc75
SHA1

8d4ad1a8ba8f91155dd793d2246c4f25aacf76c2
SHA256

92a817ec6f384e1f3a5e36c598637fffa9d51a0825bb145cf219de6fe3ac35bd
SHA512

8d349633988e468f48806717eed59d2abe5e67349995bd51184364c2aa914fb1ca7b0ca35342d34f8db6e3f57c9f72f6a896a650414184401444bc9821b8ecd6
SSDEEP

12288:aBIw9K16AkimyvAm3oYt8kM0aldNyHiyOCidrniYn2j6BXP47TNzkk:TCqfttkk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b675cb44a115b19d516762378dd4bc75

Files

b675cb44a115b19d516762378dd4bc75
.exe windows:4 windows x86 arch:x86

40d382580cad4432766c33824a5001e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
WriteConsoleW
VirtualQuery
ReadFile
GetCurrentProcessId
GetSystemDirectoryW
SetHandleCount
GetCurrentProcess
UnhandledExceptionFilter
OpenMutexA
FreeLibrary
IsValidLocale
SetEnvironmentVariableA
VirtualAlloc
WriteFile
TlsFree
WriteConsoleA
GetConsoleOutputCP
TlsAlloc
VirtualFree
IsDebuggerPresent
GetACP
CreateMutexA
InterlockedDecrement
EnumResourceLanguagesW
SetConsoleCtrlHandler
GetConsoleCP
GetModuleFileNameA
GetSystemTimeAsFileTime
TlsSetValue
HeapReAlloc
GetEnvironmentStringsW
EnterCriticalSection
FreeEnvironmentStringsW
CloseHandle
HeapSize
LCMapStringA
GetOEMCP
LCMapStringW
HeapFree
GetTimeFormatA
IsValidCodePage
GetConsoleMode
ExitProcess
GetLastError
SetStdHandle
GetModuleHandleW
GetProcAddress
InterlockedExchange
HeapDestroy
LoadLibraryA
GetFileType
InterlockedIncrement
GetStdHandle
GetTimeZoneInformation
CompareStringA
GlobalUnfix
MultiByteToWideChar
GetLocaleInfoA
CreateFileA
InitializeCriticalSectionAndSpinCount
TlsGetValue
GetModuleHandleA
FlushFileBuffers
GetLocaleInfoW
GetTickCount
GetCPInfo
GetEnvironmentStrings
SetFilePointer
HeapCreate
GetCurrentThreadId
ReadConsoleInputW
RtlUnwind
QueryPerformanceCounter
SetLastError
FreeEnvironmentStringsA
WideCharToMultiByte
EnumSystemLocalesA
GetCommandLineA
GetStartupInfoA
GetDateFormatA
GetStringTypeW
Sleep
LeaveCriticalSection
SetUnhandledExceptionFilter
DeleteCriticalSection
TerminateProcess
GetStringTypeA
HeapAlloc
CompareStringW
GetCurrentThread

user32

DdeConnectList
SetMessageExtraInfo
CopyImage
CreateDialogParamA
DeferWindowPos
GetKeyboardLayoutNameW
DdeCreateDataHandle
RegisterClassA
RegisterClassExA
EnumChildWindows
DragObject
EndDeferWindowPos
SetRectEmpty
wsprintfW

comctl32

InitCommonControlsEx

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40d382580cad4432766c33824a5001e0

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 179KB - Virtual size: 179KB

.rdata Size: 9KB - Virtual size: 17KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 179KB - Virtual size: 179KB

.rdata
Size: 9KB - Virtual size: 17KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 8KB - Virtual size: 8KB