274167bf421d636f42487d347772cc429327e5294e5cf9c083389b797826dd07

Sharing

Copy URL Twitter E-mail

General

Target

274167bf421d636f42487d347772cc429327e5294e5cf9c083389b797826dd07
Size

461KB
MD5

cc61f25637c5f361c71e68128e6c7b1f
SHA1

9aebcdc3b3eb1ac12184b557d978b0846d9bb7d0
SHA256

274167bf421d636f42487d347772cc429327e5294e5cf9c083389b797826dd07
SHA512

2f1d25f03b69d15b2c5542d785380e524c4c4090a4959ef9d29718b57a1aa95871d95cb0755c27c539ecb6755d89f29db57efa2a6cd70d3c8f783b38f8800c97
SSDEEP

6144:SzIW9nxBmTRm4J7J7JKzz/wCj8ttJy9JDJZ+Pcj4+JJfvlKRE7jTMLIbIqQKtp+O:cd9nxBmTRmbnMnAdF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
274167bf421d636f42487d347772cc429327e5294e5cf9c083389b797826dd07

Files

274167bf421d636f42487d347772cc429327e5294e5cf9c083389b797826dd07
.exe windows:4 windows x64 arch:x64

e536b62dca7cbb94a8593e594b00ea7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libgcc_s_seh-1

_Unwind_Resume

kernel32

CloseHandle
CreateProcessW
CreateToolhelp32Snapshot
DeleteCriticalSection
EnterCriticalSection
FormatMessageA
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
InitializeCriticalSection
LeaveCriticalSection
LocalFree
Module32First
Module32Next
MultiByteToWideChar
OpenProcess
Process32First
Process32Next
ReadConsoleW
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleW

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free
malloc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-private-l1-1-0

__C_specific_handler
memcpy
memmove

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_app_type
_set_invalid_parameter_handler
abort
exit
signal

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
fwrite

api-ms-win-crt-string-l1-1-0

memset
strlen
strncmp
wcslen

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_tzset

user32

EnumWindows
GetWindowThreadProcessId
SetWindowPos

libstdc++-6

_ZNKSt9type_infoeqERKS_
_ZNSaIcEC1Ev
_ZNSaIcEC2ERKS_
_ZNSaIcED1Ev
_ZNSaIcED2Ev
_ZNSaIwEC1ERKS_
_ZNSaIwEC1Ev
_ZNSaIwEC2ERKS_
_ZNSaIwED1Ev
_ZNSaIwED2Ev
_ZNSt8__detail15_List_node_base7_M_hookEPS0_
_ZNSt8bad_castD2Ev
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZSt17__throw_bad_allocv
_ZSt19__throw_logic_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt25__throw_bad_function_callv
_ZSt28__throw_bad_array_new_lengthv
_ZSt3cin
_ZSt4cout
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc
_ZTIi
_ZTIv
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVSt8bad_cast
_ZTVSt9exception
_ZdaPv
_ZdlPv
_ZdlPvy
_Znay
_Znwy
__cxa_allocate_exception
__cxa_begin_catch
__cxa_end_catch
__cxa_guard_abort
__cxa_guard_acquire
__cxa_guard_release
__cxa_rethrow
__cxa_throw
__cxa_throw_bad_array_new_length
__gxx_personality_seh0

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 512B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 512B - Virtual size: 175B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/68
Size: 1024B - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e536b62dca7cbb94a8593e594b00ea7f

Headers

DLL Characteristics

File Characteristics

Imports

libgcc_s_seh-1

kernel32

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

user32

libstdc++-6

Sections

.text Size: 75KB - Virtual size: 74KB

.data Size: 512B - Virtual size: 256B

.rdata Size: 3KB - Virtual size: 2KB

.pdata Size: 10KB - Virtual size: 9KB

.xdata Size: 11KB - Virtual size: 10KB

.bss Size: - Virtual size: 512B

.idata Size: 5KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 196B

/4 Size: 512B - Virtual size: 80B

/19 Size: 4KB - Virtual size: 3KB

/31 Size: 512B - Virtual size: 175B

/45 Size: 512B - Virtual size: 164B

/57 Size: 512B - Virtual size: 185B

/68 Size: 1024B - Virtual size: 582B

.text
Size: 75KB - Virtual size: 74KB

.data
Size: 512B - Virtual size: 256B

.rdata
Size: 3KB - Virtual size: 2KB

.pdata
Size: 10KB - Virtual size: 9KB

.xdata
Size: 11KB - Virtual size: 10KB

.bss
Size: - Virtual size: 512B

.idata
Size: 5KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 196B

/4
Size: 512B - Virtual size: 80B

/19
Size: 4KB - Virtual size: 3KB

/31
Size: 512B - Virtual size: 175B

/45
Size: 512B - Virtual size: 164B

/57
Size: 512B - Virtual size: 185B

/68
Size: 1024B - Virtual size: 582B