e029d612cf9f79a1651049ad501599542f034ba5fd46ea2ff6514352363b6a89

Sharing

Copy URL Twitter E-mail

General

Target

e029d612cf9f79a1651049ad501599542f034ba5fd46ea2ff6514352363b6a89
Size

1.5MB
MD5

424acb6e9e193ec7ee7adcf8123cf2f1
SHA1

65392f8d2ca7e16c2527dd3777f4bc6419c9776a
SHA256

e029d612cf9f79a1651049ad501599542f034ba5fd46ea2ff6514352363b6a89
SHA512

16069c190932ba49d9ce714d8c6ed120874296b486a595c64f0522e1402a7c37c0070a046b0b9a73735fdd24d29f346596958771d5c4f80fe5dbbe47d00a80a5
SSDEEP

24576:sWo5H98dnlZ1RBcLiQUHWjOcnGita71mFLVS:sBd8dBzYiQUXiM4rS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e029d612cf9f79a1651049ad501599542f034ba5fd46ea2ff6514352363b6a89

Files

e029d612cf9f79a1651049ad501599542f034ba5fd46ea2ff6514352363b6a89
.exe windows:6 windows x86 arch:x86

9d13a451af06ef1d9bb7db18a2f5dc28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\project\testjpeg_v2\Debug\testjpeg_v2.pdb

Imports

kernel32

WideCharToMultiByte
GetLastError
FormatMessageW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
GetStartupInfoW
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameW
LoadLibraryExW
HeapValidate
GetSystemInfo
GetModuleHandleExW
ExitProcess
GetCommandLineA
GetCommandLineW
FindClose
FindFirstFileExW
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetStdHandle
WriteFile
GetCurrentThread
HeapReAlloc
HeapSize
HeapQueryInformation
GetFileType
OutputDebugStringW
WriteConsoleW
SetConsoleCtrlHandler
CloseHandle
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
GetFileSizeEx
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
CreateFileW
SetEndOfFile

Sections

.textbss
Size: - Virtual size: 569KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d13a451af06ef1d9bb7db18a2f5dc28

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.textbss Size: - Virtual size: 569KB

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 262KB - Virtual size: 261KB

.data Size: 8KB - Virtual size: 15KB

.idata Size: 3KB - Virtual size: 3KB

.msvcjmc Size: 512B - Virtual size: 328B

.00cfg Size: 512B - Virtual size: 260B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 44KB - Virtual size: 44KB

.textbss
Size: - Virtual size: 569KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 262KB - Virtual size: 261KB

.data
Size: 8KB - Virtual size: 15KB

.idata
Size: 3KB - Virtual size: 3KB

.msvcjmc
Size: 512B - Virtual size: 328B

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 44KB - Virtual size: 44KB