49552c177d72449bb0c62f9225589052aa1385e23c969ce8556f20e3be0e7906

Sharing

Copy URL

Twitter E-mail

General

Target

49552c177d72449bb0c62f9225589052aa1385e23c969ce8556f20e3be0e7906
Size

241KB
MD5

2b71f5c4c5547cc9949c86ff315883be
SHA1

b444709c90890500dc29f9fea7a271eae56fa58c
SHA256

49552c177d72449bb0c62f9225589052aa1385e23c969ce8556f20e3be0e7906
SHA512

0c28cca561c7960e9cfd6bbbe725460e6da86e34fce00497762ecf0debd418bcbdd0a48b9c1c374bd2714e9ce638acfdf2dd28930a7cd169fdae199eeae7735a
SSDEEP

3072:D65w2HLIe2EEWTrgY1+RBHvKCipEkQH5INR9tGAC:m5DvEqMPPK+yNRL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49552c177d72449bb0c62f9225589052aa1385e23c969ce8556f20e3be0e7906

Files

49552c177d72449bb0c62f9225589052aa1385e23c969ce8556f20e3be0e7906
.exe windows:5 windows x86 arch:x86

640dc1ff8677dec84354f6c44bc85bb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\jijukuhanuvati\vetude\kifoj94\hefejefuca\rezeje74.pdb

Imports

kernel32

GetConsoleAliasExesA
SetComputerNameExA
GetConsoleAliasExesLengthA
InterlockedIncrement
GetConsoleAliasA
InterlockedDecrement
GetFileAttributesExA
GetTickCount
GetNumberFormatA
GetConsoleTitleA
ReadConsoleW
GetWindowsDirectoryA
GlobalAlloc
LoadLibraryW
GetLocaleInfoW
ReadConsoleInputA
GetThreadSelectorEntry
WriteConsoleW
ReadFile
GetModuleFileNameW
CreateFileA
CreateDirectoryA
GetLastError
SetLastError
GetProcAddress
VirtualAlloc
RemoveDirectoryA
GetTempFileNameA
LoadLibraryA
SetCalendarInfoW
GlobalFindAtomW
GetVersionExA
GetCurrentProcessId
AddConsoleAliasA
GetVolumeInformationW
CloseHandle
FindNextVolumeMountPointW
GetComputerNameA
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
HeapFree
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
VirtualFree
HeapReAlloc
HeapCreate
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetModuleHandleA
WriteConsoleA
GetConsoleOutputCP
MultiByteToWideChar
SetStdHandle
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

GetAltTabInfoW
SetMenu
LoadKeyboardLayoutA
CharUpperBuffA

gdi32

StretchDIBits

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 22.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

640dc1ff8677dec84354f6c44bc85bb0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

Sections

.text Size: 147KB - Virtual size: 147KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 39KB - Virtual size: 22.0MB

.rsrc Size: 41KB - Virtual size: 40KB

.text
Size: 147KB - Virtual size: 147KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 39KB - Virtual size: 22.0MB

.rsrc
Size: 41KB - Virtual size: 40KB