d48d28b71fd916796e6eb30481cd3feb

Sharing

Copy URL Twitter E-mail

General

Target

d48d28b71fd916796e6eb30481cd3feb
Size

592KB
MD5

d48d28b71fd916796e6eb30481cd3feb
SHA1

8655b5576459703b01a1fc339270d422295a2fde
SHA256

f4fd2d6bff6f7464fef8e1c1fe9e42b584b7251b6cba0b1574ca5ef32362a962
SHA512

5ab18a69d7f376731650a86c2a6c9a00859e0de86e9d80f8c122d6bcb3a10f9e0f87374b1c30e7466eb58964bf27ed6e9bcbd79c999dc7defe40aebb6df8ac52
SSDEEP

12288:G/wl+DFMIuviXtVuo2PQgiuymh1MgGu3uLFz6gyOGSCQory/efWLN:9UOvi9Iodfmh/DuJdpGST/+W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d48d28b71fd916796e6eb30481cd3feb

Files

d48d28b71fd916796e6eb30481cd3feb
.exe windows:4 windows x86 arch:x86

2098f86698678d2e5aec11d92a3f4d7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
HeapCreate
VirtualFree
LoadLibraryW
GetProcAddress
HeapValidate
HeapReAlloc
OutputDebugStringA
FlushFileBuffers
GetModuleHandleW
GetCurrentProcessId
RaiseException
CompareStringW
GetCurrentThread
SetConsoleCtrlHandler
SetStdHandle
lstrlenA
SetConsoleCursorPosition
SetEnvironmentVariableA
SetUnhandledExceptionFilter
WideCharToMultiByte
SetHandleCount
FreeEnvironmentStringsW
GetStringTypeA
InterlockedIncrement
CompareStringA
GetLocaleInfoW
WritePrivateProfileStringA
UnhandledExceptionFilter
ExitProcess
GetTickCount
GetStringTypeW
OutputDebugStringW
HeapFree
GetCommandLineA
GetModuleFileNameA
GetStartupInfoA
LoadLibraryA
QueryPerformanceCounter
WriteConsoleW
VirtualAlloc
EnumSystemCodePagesW
FreeEnvironmentStringsA
SetLastError
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
TlsFree
GetConsoleCP
GetDateFormatA
GetLastError
LCMapStringA
SetFilePointer
HeapDestroy
FreeLibrary
GetSystemTimeAsFileTime
GetConsoleMode
DeleteCriticalSection
ConnectNamedPipe
GetConsoleOutputCP
GetEnvironmentStrings
DebugBreak
LeaveCriticalSection
IsBadReadPtr
TlsAlloc
CreateFileA
GetFileType
LCMapStringW
TlsGetValue
GetUserDefaultLCID
MultiByteToWideChar
GetLocaleInfoA
VirtualQueryEx
InterlockedExchange
GetOEMCP
Sleep
WriteFile
IsDebuggerPresent
EnumSystemLocalesA
EnterCriticalSection
InterlockedDecrement
GetTimeZoneInformation
HeapAlloc
IsValidLocale
ExpandEnvironmentStringsW
GetCurrencyFormatA
GetTimeFormatA
VirtualQuery
GetModuleHandleA
IsValidCodePage
GetModuleFileNameW
GetStdHandle
RtlUnwind
WriteConsoleA
TlsSetValue
GetFileAttributesExA
HeapSize
GetEnvironmentStringsW
CloseHandle
GetCPInfo
GetACP
InitializeCriticalSectionAndSpinCount

shell32

ExtractIconExA
ShellExecuteExW
SHBrowseForFolder
ShellExecuteExA
SHFreeNameMappings

Sections

.text
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2098f86698678d2e5aec11d92a3f4d7c

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 270KB - Virtual size: 270KB

.data Size: 313KB - Virtual size: 320KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 270KB - Virtual size: 270KB

.data
Size: 313KB - Virtual size: 320KB

.rsrc
Size: 7KB - Virtual size: 6KB