c88dc765a7c177418c78681e6c997ff4

Sharing

Copy URL

Twitter E-mail

General

Target

c88dc765a7c177418c78681e6c997ff4
Size

2.3MB
MD5

c88dc765a7c177418c78681e6c997ff4
SHA1

a1c6b7a24474ffd02ac9a3d515ffb9c1a255259e
SHA256

a815984315b712dc2067fcf34bc1ba95b9badebb78e20afb7fb3068bcdf1dbb7
SHA512

7680712c56b8fda096d8115d82dad75f44723f2b9298820a3d4b08276502584ac2f83d3930a27ed7ecad47f2774f4296870d9cf4bf10eafa15ae0d146451ebe1
SSDEEP

49152:4fSA5sZBZ2bLAqFEBjlqDnlhPYEwXYP5Rw3t8BxDemj2KgH:+16kRFEBjlanMGR6twpekg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c88dc765a7c177418c78681e6c997ff4

Files

c88dc765a7c177418c78681e6c997ff4
.exe windows:5 windows x86 arch:x86

2d7ecfc0516b1bf6ad38445cdafab74d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputCharacterA
BuildCommDCBAndTimeoutsA
HeapAlloc
ClearCommError
GetNumaAvailableMemoryNode
FlushViewOfFile
FindFirstFileExW
ConnectNamedPipe
GetModuleHandleW
GetTickCount
GetCommConfig
SetProcessPriorityBoost
GetPriorityClass
GetVolumePathNameW
OpenProcess
GlobalAlloc
GetVolumeInformationA
FatalAppExitW
SizeofResource
GetConsoleAliasW
SetConsoleCursorPosition
EnumResourceLanguagesA
MultiByteToWideChar
GetProcessIoCounters
GetConsoleOutputCP
SetVolumeLabelW
GetNumaHighestNodeNumber
GetAtomNameA
ProcessIdToSessionId
SetConsoleCtrlHandler
GetExitCodeThread
SetProcessWorkingSetSize
FindAtomA
SetNamedPipeHandleState
CreatePipe
FindFirstVolumeMountPointA
EnumDateFormatsA
CreateMailslotA
VirtualProtect
SetCalendarInfoA
_lopen
GetWindowsDirectoryW
GetVolumeNameForVolumeMountPointW
lstrcpyA
SetFilePointer
WriteConsoleW
GetDefaultCommConfigW
lstrlenW
UnmapViewOfFile
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
RaiseException
RtlUnwind
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
CloseHandle
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryW
CreateFileW

user32

GetCaretBlinkTime

advapi32

RegQueryMultipleValuesW
InitializeAcl

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 39.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d7ecfc0516b1bf6ad38445cdafab74d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 26KB - Virtual size: 39.9MB

.rsrc Size: 89KB - Virtual size: 88KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 26KB - Virtual size: 39.9MB

.rsrc
Size: 89KB - Virtual size: 88KB