de071b7c3a2d52b2bd13abb23df07997

Sharing

Copy URL Twitter E-mail

General

Target

de071b7c3a2d52b2bd13abb23df07997
Size

108KB
MD5

de071b7c3a2d52b2bd13abb23df07997
SHA1

0ca871442fbe4eaeb3b80d4c4b46f75bfdc3c380
SHA256

43e148e8db4cb4722ee77b80bbafa595486dbc2f7b5c0cf58b41005909fe73ae
SHA512

40fcee85340adadeac47c9588c24445b1019dcf543e425e028e68d8584e0ed889ca540c570e4f02ad56e94aee57e47c24ba2fbee2940b9914a4bb16e61b96555
SSDEEP

1536:nUJtwXJMwPHmBAFqWEo9bfEEGs8TOlX3yKRlsNczCMTgW:Ow5MsmBAFqWE/K3803

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de071b7c3a2d52b2bd13abb23df07997

Files

de071b7c3a2d52b2bd13abb23df07997
.exe windows:1 windows x86 arch:x86

358eb75a9226ad0101882a4d9f06515f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
GetEnvironmentStrings
EnterCriticalSection
ExitProcess
Beep
FillConsoleOutputCharacterA
GetCommandLineA
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentThreadId
CreateFileA
GetFileAttributesA
GetFileType
GetLargestConsoleWindowSize
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetStartupInfoA
GetStdHandle
FillConsoleOutputAttribute
GlobalMemoryStatus
InitializeCriticalSection
IsDBCSLeadByte
LeaveCriticalSection
PeekConsoleInputA
RaiseException
ReadConsoleInputA
ReadFile
RtlUnwind
ScrollConsoleScreenBufferA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteConsoleOutputA
WriteFile
GetVersion

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

358eb75a9226ad0101882a4d9f06515f

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 47KB - Virtual size: 48KB

DATA Size: 10KB - Virtual size: 12KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.debug Size: 45KB - Virtual size: 48KB

CODE
Size: 47KB - Virtual size: 48KB

DATA
Size: 10KB - Virtual size: 12KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

.debug
Size: 45KB - Virtual size: 48KB