c26f792bcc3b93dd25265df6b5e3932f

Sharing

Copy URL

Twitter E-mail

General

Target

c26f792bcc3b93dd25265df6b5e3932f
Size

206KB
MD5

c26f792bcc3b93dd25265df6b5e3932f
SHA1

34cda58e8de15bdc471845a21e4741715adc889f
SHA256

43b86e7fe17b7adbdd0bda99a5d5743647843437fbebb5559216228da032c43f
SHA512

4bda625bfb6ff82af3f0a27b2ecbb359d5dbf10f341f2eb20a4334611a19c9d7fef295c5319cf8a09f69b4d25b294361a010de72abbdcc3d051db8e0e8998bd0
SSDEEP

3072:xKmKRFf3aNFtQjuOU/Lu/d5ZrKTFj2m/CGPVHzzgd2HPVVf9AebuLFfK9s7IDNgv:MmeaNIuD/Lu/dC3/rak9gorD6v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c26f792bcc3b93dd25265df6b5e3932f

Files

c26f792bcc3b93dd25265df6b5e3932f
.exe windows:6 windows x86 arch:x86

0c1527d1d2a75361daab007a10116119

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\admin\source\repos\amogus\Release\amogus.pdb

Imports

kernel32

Process32FirstW
CloseHandle
CreateThread
GetProcAddress
ExitProcess
CreateProcessW
GetModuleHandleW
GetConsoleWindow
WriteConsoleW
SetFilePointerEx
GetConsoleMode
Process32NextW
FlushFileBuffers
HeapReAlloc
HeapSize
GetProcessHeap
GetStringTypeW
GetFileType
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
GetOEMCP
GetACP
Sleep
CreateToolhelp32Snapshot
OpenProcess
ExitThread
CreateFileW
WaitForSingleObject
SetThreadPriority
TerminateProcess
WriteFile
GetConsoleCP
GetCurrentProcess
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
HeapAlloc
QueryPerformanceCounter
QueryPerformanceFrequency
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
LoadLibraryExW
RaiseException
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
CompareStringW
LCMapStringW
DecodePointer

user32

EnableWindow
GetCursorPos
ReleaseDC
SystemParametersInfoW
GetDesktopWindow
GetWindowDC
GetWindowRect
GetDC
MessageBoxW
EnumChildWindows
SendMessageW
GetSystemMetrics
SetWindowTextW
GetShellWindow
WindowFromPoint
DrawIcon
ShowWindow
GetCursorInfo
GetForegroundWindow
LoadIconW
FindWindowW

gdi32

BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
PatBlt
StretchBlt
PlgBlt
CreateHatchBrush
TextOutW
SetTextColor
SetBkMode
DeleteObject
CreateSolidBrush

winmm

waveOutOpen
PlaySoundA
waveOutClose
waveOutUnprepareHeader
waveOutWrite
waveOutPrepareHeader

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c1527d1d2a75361daab007a10116119

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winmm

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 109KB - Virtual size: 111KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 109KB - Virtual size: 111KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 5KB - Virtual size: 4KB