476ee9c0b7f7f864b169f0d1beb1a3bbcc7dbab1bae7d7f77ee69e22ad25ff66

Sharing

Copy URL

Twitter E-mail

General

Target

476ee9c0b7f7f864b169f0d1beb1a3bbcc7dbab1bae7d7f77ee69e22ad25ff66
Size

725KB
MD5

b0b058100c052c94d700fbbd8497a35d
SHA1

0797cda90de0c745ea47e95ff56c19aa0afa3c86
SHA256

476ee9c0b7f7f864b169f0d1beb1a3bbcc7dbab1bae7d7f77ee69e22ad25ff66
SHA512

8e4d4e3d72cd1b52254a8ddfd5aca4bc1bfdc0858e4a67ee386b7dec37d03f488c09772c953ea3aabdccd75a17646359c691db6f3096579ac22051e42977b0d2
SSDEEP

12288:UbcggEUzrNSLSX0IHENHfNhfpAGN56Ud26t3LhZ96qejwn22q5iDoTm366DsiErz:AVUHyfqa26t7hmxjw2r5iD86DsMemEFn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
476ee9c0b7f7f864b169f0d1beb1a3bbcc7dbab1bae7d7f77ee69e22ad25ff66

Files

476ee9c0b7f7f864b169f0d1beb1a3bbcc7dbab1bae7d7f77ee69e22ad25ff66
.exe windows:5 windows x86 arch:x86

6242645906667d4defa0737e0edeb226

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\payuf cef-cunemijufix_jaruwohu.pdb

Imports

kernel32

ExitProcess
GetCommandLineW
GetTempFileNameW
GetPrivateProfileSectionNamesW
GlobalFix
SearchPathW
CopyFileExW
GetDriveTypeW
DebugActiveProcessStop
SetEndOfFile
BuildCommDCBAndTimeoutsA
CallNamedPipeA
SystemTimeToTzSpecificLocalTime
DeleteVolumeMountPointA
ScrollConsoleScreenBufferW
SetConsoleActiveScreenBuffer
SetHandleInformation
GetProfileStringW
GetProfileSectionA
WaitForSingleObject
SetComputerNameW
FlushConsoleInputBuffer
OpenSemaphoreA
SetTapeParameters
GetProcessPriorityBoost
GetModuleHandleW
CreateNamedPipeW
IsBadReadPtr
EnumTimeFormatsW
TlsSetValue
GlobalAlloc
LoadLibraryW
GetConsoleMode
GetSystemPowerStatus
SizeofResource
GlobalFlags
HeapCreate
GetFileAttributesW
GetBinaryTypeA
GetTimeZoneInformation
GetConsoleFontSize
GetOverlappedResult
lstrlenW
DisconnectNamedPipe
RaiseException
DeactivateActCtx
CreateJobObjectA
FreeLibraryAndExitThread
OpenMutexW
GetLastError
GetCurrentDirectoryW
SetLastError
GetProcAddress
VirtualAlloc
SetVolumeLabelW
LocalLock
MoveFileW
CopyFileA
GetConsoleDisplayMode
SetComputerNameA
EnterCriticalSection
OpenWaitableTimerA
GetLocalTime
OpenThread
WriteConsoleA
SetConsoleOutputCP
SetFileApisToANSI
SetCommMask
GetPrivateProfileStructA
GetTapeParameters
WaitForMultipleObjects
SetSystemTime
GetOEMCP
WriteProfileStringA
RequestWakeupLatency
GetConsoleCursorInfo
AddConsoleAliasA
GetVolumeInformationW
lstrcpyA
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MoveFileA
GetStartupInfoW
HeapValidate
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetACP
GetCPInfo
IsValidCodePage
TlsGetValue
TlsAlloc
GetCurrentThreadId
TlsFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapFree
VirtualFree
GetModuleFileNameA
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
GetConsoleCP
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LCMapStringA
LCMapStringW
SetFilePointer
InitializeCriticalSectionAndSpinCount
LoadLibraryA
SetStdHandle
GetConsoleOutputCP
CloseHandle
CreateFileA

user32

GetCursorInfo

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 508KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6242645906667d4defa0737e0edeb226

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 508KB - Virtual size: 568KB

.rsrc Size: 50KB - Virtual size: 158KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 508KB - Virtual size: 568KB

.rsrc
Size: 50KB - Virtual size: 158KB