b0947f03fe03e89da042089fa9c4b8f4a342ec5f7427c76013780e7fc5bda6a7

Sharing

Copy URL

Twitter E-mail

General

Target

b0947f03fe03e89da042089fa9c4b8f4a342ec5f7427c76013780e7fc5bda6a7
Size

5.8MB
MD5

8653601dd5d9f7f128df3a11324cd061
SHA1

b7fe76e5b1eee6b8495d37c8f15a53da2b76cb9b
SHA256

b0947f03fe03e89da042089fa9c4b8f4a342ec5f7427c76013780e7fc5bda6a7
SHA512

99db37a00f8980608714869e893c73fc08b1a8fd8b8d4ba7c22581cd15abbaa15774406575b7307e078e76e43cee392cd0e03535ba2c9bb3c75907f2110d69aa
SSDEEP

98304:LJ4YIq40quapSNduNync/CEVDyHgI3E90zybtpeOkZ78e3/t+C9AjTH7z:RIKqVpud8t//DHUBytpi8Mpij77z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0947f03fe03e89da042089fa9c4b8f4a342ec5f7427c76013780e7fc5bda6a7

Files

b0947f03fe03e89da042089fa9c4b8f4a342ec5f7427c76013780e7fc5bda6a7
.exe windows:5 windows x86 arch:x86

3cbd1c2235e522f6f70043c9b0c48630

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\vodigayomeyucele_vamiva.pdb

Imports

kernel32

TlsGetValue
BuildCommDCBAndTimeoutsA
SetUnhandledExceptionFilter
CompareFileTime
SetDefaultCommConfigW
SetEnvironmentVariableW
GetNamedPipeHandleStateA
WaitForSingleObject
SetCommState
SetCommTimeouts
SetProcessPriorityBoost
GetDriveTypeA
ActivateActCtx
GlobalAlloc
LoadLibraryW
GetConsoleMode
Sleep
CopyFileW
SetSystemTimeAdjustment
GetVersionExW
LeaveCriticalSection
GetBinaryTypeA
IsDBCSLeadByte
ReadFile
GetOverlappedResult
GetACP
lstrlenA
GetConsoleOutputCP
FreeLibraryAndExitThread
GetProcAddress
GetProcessHeaps
VirtualAlloc
BeginUpdateResourceW
IsValidCodePage
SetStdHandle
EnterCriticalSection
SetConsoleDisplayMode
AddAtomW
PostQueuedCompletionStatus
GetPrivateProfileStructA
CreateMutexA
VirtualProtect
GetCurrentDirectoryA
EnumDateFormatsW
SetThreadAffinityMask
_lopen
LocalSize
GetConsoleProcessList
GetThreadTimes
CopyFileExA
CommConfigDialogW
lstrcpyA
GetThreadContext
CreateJobObjectA
GetComputerNameA
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
HeapReAlloc
HeapAlloc
GetStartupInfoW
RtlUnwind
RaiseException
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapCreate
VirtualFree
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetOEMCP
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW

advapi32

SetThreadToken
RevertToSelf

Exports

Exports

_futurama@4
_hiduk@8
_hockey@4
_lifan@8
_regulmoto@4

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 39.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cbd1c2235e522f6f70043c9b0c48630

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 5.8MB - Virtual size: 5.8MB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 6KB - Virtual size: 39.4MB

.tls Size: 512B - Virtual size: 193B

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 5.8MB - Virtual size: 5.8MB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 6KB - Virtual size: 39.4MB

.tls
Size: 512B - Virtual size: 193B

.rsrc
Size: 21KB - Virtual size: 20KB