D:\Projects\client_26.0\spark\plugin\build\Debug\Policy_engine_test.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2be8887f3b0d6fd2bfbb288e33c0d1265724da40e5666a2fc0f23c0b4e183365.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2be8887f3b0d6fd2bfbb288e33c0d1265724da40e5666a2fc0f23c0b4e183365.exe
Resource
win10v2004-20240508-en
General
Target
2be8887f3b0d6fd2bfbb288e33c0d1265724da40e5666a2fc0f23c0b4e183365
Size
877KB
MD5
3c3e56d1940631a982d1b8f8261fb161
SHA1
ee7295373d5ce462bea50c253580b46422dc0499
SHA256
2be8887f3b0d6fd2bfbb288e33c0d1265724da40e5666a2fc0f23c0b4e183365
SHA512
ab5ae0f7268fd152f8e71bdf66131952a78b835b31d07c7960b188d45ac2766b6b0d36e82f5198d9b3565a41bdc485ede2aa0b5631323e2373ee01e4204999f9
SSDEEP
12288:5A9npQ0r5EU+W7FcnuDHf6IAeHL91468UIx74VQiYz6oGa1oApK5xHCwGt:5Al3HvISVQia9ixHC/t
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2be8887f3b0d6fd2bfbb288e33c0d1265724da40e5666a2fc0f23c0b4e183365
Files
2be8887f3b0d6fd2bfbb288e33c0d1265724da40e5666a2fc0f23c0b4e183365.exe windows:5 windows x86 arch:x86
5b8a8c5fd19640a4a5f293eb2a370ed2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
Sleep
WaitForSingleObject
CreateEventW
CloseHandle
ResumeThread
CreateThread
SetEvent
SetThreadPriority
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DecodePointer
EncodePointer
RtlUnwind
GetCommandLineW
HeapSetInformation
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
HeapValidate
IsBadReadPtr
WriteConsoleW
GetFileType
GetStdHandle
InitializeCriticalSectionAndSpinCount
FatalAppExitA
WriteFile
GetLocaleInfoW
GetLastError
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
GetProcAddress
GetModuleHandleW
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoW
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
OutputDebugStringA
OutputDebugStringW
SetConsoleCtrlHandler
LoadLibraryW
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointer
FlushFileBuffers
HeapAlloc
GetModuleFileNameA
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
MultiByteToWideChar
lstrlenA
FreeLibrary
InterlockedExchange
SetStdHandle
LCMapStringW
GetStringTypeW
GetProcessHeap
VirtualQuery
CreateFileW
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
InterlockedCompareExchange
CreateFileA
SetEndOfFile
Sections
.textbss Size: - Virtual size: 335KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 709KB - Virtual size: 709KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 125KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ