PDB path: C:\MVSProjects\MPLDEB\Debug\MPLDEB.pdb
Static task
static1
Behavioral task
behavioral1
Sample
60945980dfa27f63c4eb5b06d1263d252b0bfe8365c25fc4284a9a89a2506d43.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
60945980dfa27f63c4eb5b06d1263d252b0bfe8365c25fc4284a9a89a2506d43.exe
Resource
win10v2004-20240704-en
General
-
Target
60945980dfa27f63c4eb5b06d1263d252b0bfe8365c25fc4284a9a89a2506d43
-
Size
172KB
-
MD5
85dd717044442fdcc0725d2a4661e0c4
-
SHA1
ed956cc5eb39c47861f47d09fe9de36203bb2977
-
SHA256
60945980dfa27f63c4eb5b06d1263d252b0bfe8365c25fc4284a9a89a2506d43
-
SHA512
d42a2e2e910859e98af4a63c4c9b55b5e4a576784a2481d07cd89fceb8f54b73e653e4a29e8c64e2e1e1c469f858cfb4dbf9e4cca3c7eb8c06ff76e55d6170cd
-
SSDEEP
3072:g8K9pErfhR/lYlW5h20HBhbrFdLvDyZ9H0rkfCAUbOLZXrTYwwU380uokAUp849G:gL9p6Z5h20HBlFdLvDUI1w33A9rcKtyn
Malware Config
Signatures
-
Unsigned PE 1 IoCs
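Checks for a missing Authenticode signature; this sample is an unsigned PE. Many legitimate binaries are also unsigned, so on its own this is a weak indicator and should be weighed together with the other findings.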
resource 60945980dfa27f63c4eb5b06d1263d252b0bfe8365c25fc4284a9a89a2506d43
Files
-
60945980dfa27f63c4eb5b06d1263d252b0bfe8365c25fc4284a9a89a2506d43.exe windows:5 windows x86 arch:x86
1ab21351b2bcc7414ce71bff9f44d4d1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetOverlappedResult
WaitForSingleObject
GetLastError
ResetEvent
ReadFile
CloseHandle
CreateEventA
SetCommMask
GetCommMask
TlsSetValue
SetCommState
GetCommState
SetCommTimeouts
CreateFileA
WaitCommEvent
WriteFile
GlobalUnlock
GlobalLock
GlobalAlloc
CreateProcessA
TlsFree
TlsAlloc
GetStdHandle
InitializeCriticalSectionAndSpinCount
Sleep
SetConsoleCursorInfo
SetConsoleTitleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
SetConsoleCursorPosition
SetConsoleScreenBufferSize
ReadConsoleOutputA
WriteConsoleOutputA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
GetNumberOfConsoleInputEvents
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
FreeLibrary
LoadLibraryW
GetProcAddress
lstrlenA
RaiseException
MultiByteToWideChar
IsDebuggerPresent
WideCharToMultiByte
InterlockedExchange
InterlockedCompareExchange
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetProcessHeap
GetModuleFileNameW
VirtualQuery
GetModuleHandleW
EncodePointer
user32
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
CloseClipboard
msvcr100d
printf
fgetc
_putch
strchr
memmove
atoi
_kbhit
fopen
fseek
rewind
fprintf
remove
atof
_localtime64_s
_time64
sscanf
feof
_stricmp
atol
ftell
_beginthread
toupper
tolower
_CRT_RTC_INITW
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
_amsg_exit
__getmainargs
_exit
_XcptFilter
_cexit
__initenv
_CrtSetCheckCount
_CrtDbgReportW
_initterm
_initterm_e
_crt_debugger_hook
_wmakepath_s
wcscpy_s
_wsplitpath_s
_except_handler4_common
?terminate@@YAXXZ
_controlfp_s
_invoke_watson
_unlock
__dllonexit
_lock
_onexit
fread
fclose
fwrite
exit
clock
_endthread
_chdir
strcpy
_getcwd
strlen
_findfirst64i32
strcmp
strstr
strncpy
memset
_findnext64i32
qsort
strcat
_findclose
sprintf
_cputs
_strnicmp
ws2_32
htons
connect
inet_addr
shutdown
closesocket
ioctlsocket
WSACleanup
WSAGetLastError
socket
send
WSAStartup
recv
Sections
.text Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 327KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ