b807270fcf5ae42c824d8ef8c40dabbe

Sharing

Copy URL Twitter E-mail

General

Target

b807270fcf5ae42c824d8ef8c40dabbe
Size

490KB
MD5

b807270fcf5ae42c824d8ef8c40dabbe
SHA1

7aacbe75e84c45eab162edebc844f87ed2beda21
SHA256

29e434bb4e39060a910eb43bed0b90ed9710fab08b103f348f146a189bf2694e
SHA512

afee4bb9da3d6aa9f59683bde49627748fcd66c3d433567405664d84a0eb19d1af01611a8daf4532c4ec2d6e57a9a410174a886ded90be66a175962f93c47863
SSDEEP

12288:6O3YE5bI+UCQ84fpqOzdbwazSmhZtpF6CRAFCjelUK4:dMxzWadDrMsjeH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b807270fcf5ae42c824d8ef8c40dabbe

Files

b807270fcf5ae42c824d8ef8c40dabbe
.exe windows:4 windows x86 arch:x86

14b4fa900fc46e6f1ed77938f41d3495

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
RegisterClassA
WaitForInputIdle

comctl32

InitCommonControlsEx

kernel32

GetSystemTimeAsFileTime
EnterCriticalSection
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleFileNameW
GetModuleHandleW
HeapSize
GetTimeZoneInformation
RaiseException
SetFilePointer
GetCPInfo
HeapReAlloc
GetEnvironmentStringsW
SetHandleCount
VirtualQuery
GetProcessHeap
TlsFree
InterlockedExchange
GetFileType
InterlockedDecrement
Sleep
OpenMutexA
IsValidCodePage
CloseHandle
GetCommandLineA
TerminateProcess
WideCharToMultiByte
GetLastError
CompareStringW
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
CompareStringA
GetCurrentThread
GetLocaleInfoA
WriteConsoleA
VirtualAlloc
WriteConsoleW
GetStartupInfoA
CreateFileA
GetStringTypeA
LCMapStringA
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
TlsAlloc
FreeLibrary
UnhandledExceptionFilter
RtlUnwind
WriteFile
OutputDebugStringW
GetStdHandle
GetStringTypeW
GetEnvironmentStringsA
SetStdHandle
GetProcAddress
SetLastError
VirtualFree
HeapFree
GetCurrentProcessId
IsBadReadPtr
GetCurrentProcess
InterlockedIncrement
GetTimeFormatA
GetUserDefaultLCID
HeapValidate
GetACP
ExitProcess
GetModuleHandleA
GetOEMCP
DebugBreak
GetCommandLineW
SetConsoleCtrlHandler
MultiByteToWideChar
TlsGetValue
TlsSetValue
LoadLibraryA
QueryPerformanceCounter
CreateMutexA
LoadLibraryW
GetConsoleMode
ReadFile
GetCurrentThreadId
IsDebuggerPresent
GetConsoleCP
FreeEnvironmentStringsW
GetLocaleInfoW
SetEnvironmentVariableA
GetConsoleOutputCP
EnumSystemLocalesA
HeapCreate
HeapDestroy
LCMapStringW
GetDateFormatA
HeapAlloc
lstrlenA
GetTickCount
IsValidLocale
OutputDebugStringA

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14b4fa900fc46e6f1ed77938f41d3495

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 290KB - Virtual size: 289KB

.rdata Size: 47KB - Virtual size: 66KB

.data Size: 149KB - Virtual size: 149KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 290KB - Virtual size: 289KB

.rdata
Size: 47KB - Virtual size: 66KB

.data
Size: 149KB - Virtual size: 149KB

.rsrc
Size: 2KB - Virtual size: 2KB