ba0442170c6b3efa2fc1fae06239895dc13384945a02b56a51c5d4b601d93c87

General

Target

ba0442170c6b3efa2fc1fae06239895dc13384945a02b56a51c5d4b601d93c87
Size

192KB
MD5

70b23be0dbe057e2c249fc02103886b0
SHA1

193b89d738a17cce35548dcaf94bc5bc491436a1
SHA256

ba0442170c6b3efa2fc1fae06239895dc13384945a02b56a51c5d4b601d93c87
SHA512

644aab10b007435b9cf7ca7705554496c60f4f37c837c5c6f484461123d9ecae5ff05ace8c79359e15503c97effb9cdebe78efda0bc53e8dbae33fade4c80c16
SSDEEP

3072:7c9V3AkngbVSeKy4crK5SgevdwEmMsqcpYfvJbsx8zR3fYFJ2p7WXoyLxtIze22q:9LZPrQyiMUpY3JQgR3MJ2p7HyczbECxn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b7cbc5e5dc182c8d99809cd64d36734abeb6bfac15e6efc2ebcc2c57254bf172.exe

Files

ba0442170c6b3efa2fc1fae06239895dc13384945a02b56a51c5d4b601d93c87
.zip

Password: infected
b7cbc5e5dc182c8d99809cd64d36734abeb6bfac15e6efc2ebcc2c57254bf172.exe
.exe windows:5 windows x86 arch:x86

f3ca748f76db44ff1430515217457e6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\as34eQSDCrte\uyrtdstrtst\Release\uyrtdstrtst.pdb

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr90

__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
_adjust_fdiv
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
printf
?terminate@@YAXXZ
_access

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

f3ca748f76db44ff1430515217457e6d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcr90

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 122KB - Virtual size: 122KB

.data Size: 160KB - Virtual size: 160KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 122KB - Virtual size: 122KB

.data
Size: 160KB - Virtual size: 160KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 12KB - Virtual size: 12KB