8666d0cbd76a4c160fdaf267ba4359fb8c300d2dff9711d49ee0e785a9748a2c

Sharing

Copy URL Twitter E-mail

General

Target

8666d0cbd76a4c160fdaf267ba4359fb8c300d2dff9711d49ee0e785a9748a2c
Size

64KB
MD5

a08270a5d3faa6afc2e429f7cb9dc64c
SHA1

00e9848bc9ef9f744f378502ffc33aab6418f76a
SHA256

8666d0cbd76a4c160fdaf267ba4359fb8c300d2dff9711d49ee0e785a9748a2c
SHA512

420da8049892096a5e758d3888487e46534611458f74cf3a1be09116fe704c184f3161f8e04e28339376060114e3b6614bece0e826922f7821e28cda8c39064b
SSDEEP

1536:8CCrIikTUfQQLikkWa+dXH0+mbMFRBS07dFVNzV+EhL3Pd:erIYukk2dXH/mbMQmdxV+EN31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7cd3ca8bdfb44e98a4b9d0c6ad77546e03d169bda9bdf3d1bcf339f68137af23.exe

Files

8666d0cbd76a4c160fdaf267ba4359fb8c300d2dff9711d49ee0e785a9748a2c
.zip

Password: infected
7cd3ca8bdfb44e98a4b9d0c6ad77546e03d169bda9bdf3d1bcf339f68137af23.exe
.dll windows:5 windows x64 arch:x64

a668a2b3bcf89f74052cc3b811178c3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

iphlpapi

GetAdaptersInfo

kernel32

CloseHandle
DisconnectNamedPipe
ConnectNamedPipe
SetLastError
CreateEventW
FlushFileBuffers
ReadFile
Sleep
MultiByteToWideChar
LocalAlloc
LocalFree
GetProcAddress
LoadLibraryW
GetTickCount64
WaitForSingleObject
CreateThread
VirtualFree
VirtualAlloc
GetDriveTypeW
CreateNamedPipeW
CreateFileW
WriteConsoleW
SetStdHandle
GetStringTypeW
LCMapStringW
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetLogicalDrives
GetLastError
RtlLookupFunctionEntry
RtlUnwindEx
GetSystemTimeAsFileTime
GetCurrentThreadId
FlsSetValue
GetCommandLineA
EncodePointer
DecodePointer
HeapAlloc
RaiseException
RtlPcToFileHeader
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
TerminateProcess
GetCurrentProcess
FlsGetValue
FlsFree
FlsAlloc
HeapFree
GetModuleHandleW
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
WriteFile
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection

user32

DispatchMessageW
MsgWaitForMultipleObjectsEx
PeekMessageW

wininet

InternetOpenW
InternetSetOptionW
DeleteUrlCacheEntryW
InternetCanonicalizeUrlW
HttpAddRequestHeadersW
InternetConnectW
HttpOpenRequestW
InternetQueryDataAvailable
InternetReadFile
HttpSendRequestW
InternetCloseHandle
InternetCrackUrlW

urlmon

ObtainUserAgentString

Sections

.text
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.SCY
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

a668a2b3bcf89f74052cc3b811178c3d

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

kernel32

user32

wininet

urlmon

Sections

.text Size: 81KB - Virtual size: 84KB

.rdata Size: 43KB - Virtual size: 44KB

.data Size: 6KB - Virtual size: 16KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.SCY Size: 3KB - Virtual size: 4KB

.text
Size: 81KB - Virtual size: 84KB

.rdata
Size: 43KB - Virtual size: 44KB

.data
Size: 6KB - Virtual size: 16KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB

.SCY
Size: 3KB - Virtual size: 4KB