ed7b9c0b6c4175be892d9239931a413961b95ee6f251754d95cb62358fedd7c2

General

Target

ed7b9c0b6c4175be892d9239931a413961b95ee6f251754d95cb62358fedd7c2
Size

408KB
MD5

d8ab6df80deff69350ec9ba6fbd4a0a5
SHA1

2e923f66fffc7d2bf2850cbd8de149a355162c1c
SHA256

ed7b9c0b6c4175be892d9239931a413961b95ee6f251754d95cb62358fedd7c2
SHA512

ae6360024ccd45bb48ff5bf7ab3f74abd58031a6d19328039b75e26644b9d484bc71e9086bdddaf30ddb97ea9eabb5eede0d7331c0f0dc28d8e058ba33884200
SSDEEP

6144:W9LfFOSbrt8xJmeCPiSmosV18EKia4H0RGp8HqRZq6akl:W97FOSYmhrRsAEKWRw6aS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed7b9c0b6c4175be892d9239931a413961b95ee6f251754d95cb62358fedd7c2

Files

ed7b9c0b6c4175be892d9239931a413961b95ee6f251754d95cb62358fedd7c2
.exe windows:5 windows x86 arch:x86

a693e1a8fddac95060d41983b1c1a629

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
GlobalDeleteAtom
TryEnterCriticalSection
WriteConsoleOutputW
SetUnhandledExceptionFilter
GetConsoleAliasA
InterlockedDecrement
ZombifyActCtx
FreeEnvironmentStringsA
GetModuleHandleW
EnumTimeFormatsA
InterlockedPopEntrySList
GetTimeFormatW
GetFileAttributesW
GetModuleFileNameW
CompareStringW
GetShortPathNameA
GetConsoleOutputCP
GetConsoleAliasesW
SetLastError
GetProcAddress
BackupWrite
LocalLock
CopyFileA
LoadLibraryA
GetFileType
HeapWalk
SetConsoleTitleW
BuildCommDCBA
LocalFileTimeToFileTime
MultiByteToWideChar
HeapAlloc
Sleep
ExitProcess
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
GetLastError
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
HeapSize

winhttp

WinHttpReadData

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a693e1a8fddac95060d41983b1c1a629

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winhttp

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 234KB - Virtual size: 233KB

.data Size: 16KB - Virtual size: 23.5MB

.rsrc Size: 131KB - Virtual size: 130KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 234KB - Virtual size: 233KB

.data
Size: 16KB - Virtual size: 23.5MB

.rsrc
Size: 131KB - Virtual size: 130KB