e1aebe5ecddeaa32bd4d2565484e3b82

Sharing

Copy URL Twitter E-mail

General

Target

e1aebe5ecddeaa32bd4d2565484e3b82
Size

486KB
MD5

e1aebe5ecddeaa32bd4d2565484e3b82
SHA1

439a1a5f4a541581abdde27b9e593e0d84f9534d
SHA256

3cbbdc68b6d1a5a622f3ac3e7bc11775ded6e817716dc1c748ff155d7fce2937
SHA512

721da8842bd32632af7999fa8a6c1b5c872f1c72394410a789c7c83ab6554ad87f1c575aaacc03b0b1289a6a00435c6309d9896a79e1e60a813a0be032f33568
SSDEEP

6144:dalD46kJtdM7fs+GO/IBWWBaMEuSPASwO57KUUjRsKKU1Nm5I5quEsab6J8/RHH:4+JI7fs+d/IBUuYq58uEfbzRHH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1aebe5ecddeaa32bd4d2565484e3b82

Files

e1aebe5ecddeaa32bd4d2565484e3b82
.exe windows:6 windows x86 arch:x86

4de059ceb646d45b1c4c35350074caf2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\tim.vanderhorst\Desktop\ginfizzcpp\Debug\ginfizz.pdb

Imports

kernel32

CheckRemoteDebuggerPresent
GetLastError
SetLastError
GetCurrentProcess
CreateFileA
CloseHandle
DeviceIoControl
Sleep
GetModuleFileNameA
CreateMutexW
OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryA
GetTempPathA
DeleteFileW
GetModuleHandleA
GetFileAttributesA
ReadConsoleW
ReadFile
IsDebuggerPresent
SetConsoleTextAttribute
GetVersionExA
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
EncodePointer
DecodePointer
IsProcessorFeaturePresent
GetModuleFileNameW
GetModuleHandleExW
HeapValidate
GetSystemInfo
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetFileType
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
RaiseException
LoadLibraryExW
lstrlenA
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThread
GetCurrentThreadId
FatalAppExitA
ExitProcess
AreFileApisANSI
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
GetProcessHeap
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
TerminateProcess
GetModuleHandleW
SetStdHandle
SetConsoleCtrlHandler
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
WriteConsoleW
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
HeapAlloc
SetFilePointerEx
VirtualQuery
GetStringTypeW
GetTimeFormatEx
GetDateFormatEx
CompareStringEx
GetLocaleInfoEx
GetUserDefaultLocaleName
LCMapStringEx
IsValidLocaleName
EnumSystemLocalesEx
InterlockedExchange
CreateFileW
SetEndOfFile

user32

GetCursorPos

advapi32

RegOpenKeyExA
GetUserNameA
RegQueryValueExA

Sections

.textbss
Size: - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4de059ceb646d45b1c4c35350074caf2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Sections

.textbss Size: - Virtual size: 182KB

.text Size: 381KB - Virtual size: 380KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 5KB - Virtual size: 14KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 17KB - Virtual size: 17KB

.textbss
Size: - Virtual size: 182KB

.text
Size: 381KB - Virtual size: 380KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 5KB - Virtual size: 14KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 17KB - Virtual size: 17KB