658f72c9d1695a12be7f65389b3c94c278b37d7a74fb9612c5f98589e8776aae

General

Target

658f72c9d1695a12be7f65389b3c94c278b37d7a74fb9612c5f98589e8776aae
Size

45KB
MD5

2b9bbeace4d446a9958bef0ed7f7b770
SHA1

6be9c73a7472722944d0a6e1d24e2db749336bf1
SHA256

658f72c9d1695a12be7f65389b3c94c278b37d7a74fb9612c5f98589e8776aae
SHA512

0da3bfdfcf4a36ff015feb0e1d380de3ea263fd7fdc92784a560b4759bfa19e98c947309b95cf9c655c1f14ae39f23fd0342137077aaca8ca5f1d5feddac7aab
SSDEEP

768:Eul3TyhdRVy87a4FjLevmzBje3qlg6qHlRszfH3Mzkoq7g52sYkDHXcMXiQSx22:E6TQRVFFjLeEMalKHlRk/3Mjqa2sPZIs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
658f72c9d1695a12be7f65389b3c94c278b37d7a74fb9612c5f98589e8776aae

Files

658f72c9d1695a12be7f65389b3c94c278b37d7a74fb9612c5f98589e8776aae
.exe windows:5 windows x64 arch:x64

097598b7d8a996904155e356f8133fa4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCommandLineA
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
EncodePointer
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
GetLastError
FlsAlloc
HeapSetInformation
GetVersion
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
HeapSize
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

097598b7d8a996904155e356f8133fa4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 5KB - Virtual size: 13KB

.pdata Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 692B

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 5KB - Virtual size: 13KB

.pdata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 692B