d48baa6a17921c2fa8ef0695df2dd7cf

Sharing

Copy URL Twitter E-mail

General

Target

d48baa6a17921c2fa8ef0695df2dd7cf
Size

3.9MB
MD5

d48baa6a17921c2fa8ef0695df2dd7cf
SHA1

635dbdd052775802ac14a10c4193a7a8a29b484e
SHA256

3ca91cd2b7d2af7aaa81def979b62b9d38a92d8f2259541b959f7410522cb71c
SHA512

bbb1c8921e9501a31907cf9d8832c14c688d27d2fcaabe50b3617a2beab01dfc39629c93ce36f6a199f8952fd77bc82e90730efd67eb824e0571b9068edcdc66
SSDEEP

98304:ux7Q3jjCg8vo7YLl65or+MdtmvRFMgZRRIN7xtlKJL+xJ:J3ig8A7JQ+wtmvnJRRS1J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d48baa6a17921c2fa8ef0695df2dd7cf

Files

d48baa6a17921c2fa8ef0695df2dd7cf
.exe windows:5 windows x86 arch:x86

a6ecbcc50b08a3e94567fe0036370f8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetThreadExecutionState
FlushViewOfFile
IsBadCodePtr
lstrlenW
GetHandleInformation
GetProcAddress
GetModuleHandleA
EnumDateFormatsW
GetCurrentThreadId
GetCurrentProcessId
ResetWriteWatch

ntdll

RtlAddVectoredExceptionHandler
RtlRemoveVectoredExceptionHandler

Sections

j
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Y
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

j
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

j
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

j
Size: 2KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

UOL
Size: 130KB - Virtual size: 128KB

IMAGE_SCN_MEM_READ

ZL8
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IUd
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ihn
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

W6O
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

v6g
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6ecbcc50b08a3e94567fe0036370f8c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

Sections

j Size: 2KB - Virtual size: 4KB

Y Size: 2KB - Virtual size: 4KB

j Size: 2KB - Virtual size: 4KB

.tls Size: 2KB - Virtual size: 4KB

j Size: 2KB - Virtual size: 4KB

.RSRC Size: 1.8MB - Virtual size: 1.8MB

j Size: 2KB - Virtual size: 1.7MB

UOL Size: 130KB - Virtual size: 128KB

ZL8 Size: 14KB - Virtual size: 12KB

IUd Size: 14KB - Virtual size: 12KB

ihn Size: 14KB - Virtual size: 12KB

W6O Size: 14KB - Virtual size: 12KB

v6g Size: 14KB - Virtual size: 12KB

j
Size: 2KB - Virtual size: 4KB

Y
Size: 2KB - Virtual size: 4KB

j
Size: 2KB - Virtual size: 4KB

.tls
Size: 2KB - Virtual size: 4KB

j
Size: 2KB - Virtual size: 4KB

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

j
Size: 2KB - Virtual size: 1.7MB

UOL
Size: 130KB - Virtual size: 128KB

ZL8
Size: 14KB - Virtual size: 12KB

IUd
Size: 14KB - Virtual size: 12KB

ihn
Size: 14KB - Virtual size: 12KB

W6O
Size: 14KB - Virtual size: 12KB

v6g
Size: 14KB - Virtual size: 12KB