8236c3b4ae6ff2a5b36a150814e24367caa1d0bff863232903485d586a049c04

Sharing

Copy URL

Twitter E-mail

General

Target

8236c3b4ae6ff2a5b36a150814e24367caa1d0bff863232903485d586a049c04
Size

806KB
MD5

bea7d944f42e023243121e958a8693b3
SHA1

759101821acb0ee45e4cb0cc41222887c2e617ed
SHA256

8236c3b4ae6ff2a5b36a150814e24367caa1d0bff863232903485d586a049c04
SHA512

ca1de9ea018f05b9fecd4d9713e726f191864662fc1746ea49f5eea06f1094f38bbb5aa432ce4b440cf6165782429014b55965d202bfa7a2bf174f13ddc75c08
SSDEEP

24576:CuFQ3B7uOUMMQt2rR8FfBhRJUEbDk1ulUw:dORMQt2r4PRSEk1ul

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8236c3b4ae6ff2a5b36a150814e24367caa1d0bff863232903485d586a049c04

Files

8236c3b4ae6ff2a5b36a150814e24367caa1d0bff863232903485d586a049c04
.exe windows:5 windows x86 arch:x86

8112f1b293c2265243b9549267811474

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetProcAddress
FreeLibrary
SetCurrentDirectoryW
GetModuleHandleW
LocalAlloc
lstrcmpA
LocalFree
WideCharToMultiByte
WriteConsoleW
HeapSize
MultiByteToWideChar
CloseHandle
GetLastError
GetFileAttributesW
GetConsoleCP
FlushFileBuffers
SetEnvironmentVariableA
FindClose
GetModuleFileNameW
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetStringTypeW
CompareStringW
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
LoadLibraryExW
CreateFileW
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetACP
GetCurrentDirectoryW
GetFullPathNameW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetProcessHeap
GetTimeZoneInformation
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW

user32

MessageBoxA

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

wintrust

WinVerifyTrust

crypt32

CryptMsgClose
CertFreeCertificateContext
CryptQueryObject
CertCloseStore
CryptMsgGetParam
CertFindCertificateInStore
CryptDecodeObject
CertGetNameStringW

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 572KB - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8112f1b293c2265243b9549267811474

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

wintrust

crypt32

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 2KB - Virtual size: 6KB

.gfids Size: 512B - Virtual size: 336B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 101KB - Virtual size: 101KB

.reloc Size: 572KB - Virtual size: 576KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 2KB - Virtual size: 6KB

.gfids
Size: 512B - Virtual size: 336B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 101KB - Virtual size: 101KB

.reloc
Size: 572KB - Virtual size: 576KB