232d25948db02a80f05a71382a8fda0000fb08df82778f30322d5844ce7d167b[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

232d25948db02a80f05a71382a8fda0000fb08df82778f30322d5844ce7d167b.exe
Size

834KB
MD5

20741efb92edd220de77c9e7e59b6c29
SHA1

61091ff70842a709c0283253be9b0e473bfa1054
SHA256

232d25948db02a80f05a71382a8fda0000fb08df82778f30322d5844ce7d167b
SHA512

fb66a40b9e65c73f525dcf4ca9c8a3eb3411aa4bee584fc6138ab4a8fba88cdc9cfeec26fe6c3dc38d18d6a8a8af550471d1bb6ef087433124c3898fb4b8f691
SSDEEP

12288:e8K0AkD/lct8fzQooO2Q8u62R0qP/8WnFJ7VVrEXrS/8rZ5qtLgq0nFcjV7u:tu+OteztV8AdlY7Algq0nFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
232d25948db02a80f05a71382a8fda0000fb08df82778f30322d5844ce7d167b.exe

Files

232d25948db02a80f05a71382a8fda0000fb08df82778f30322d5844ce7d167b.exe
.exe windows:5 windows x86 arch:x86

fab832f0eb05efca0f6cd66bd4fb20fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\gewerepegi31.pdb

Imports

kernel32

GetEnvironmentStringsW
AddConsoleAliasW
GetEnvironmentStrings
GlobalAlloc
WideCharToMultiByte
LoadLibraryW
SetVolumeMountPointA
LeaveCriticalSection
HeapValidate
WriteConsoleW
GetAtomNameW
ReplaceFileA
SetLastError
AttachConsole
VirtualAlloc
ZombifyActCtx
WriteProfileSectionA
SetStdHandle
LoadLibraryA
SetCalendarInfoW
AddVectoredExceptionHandler
GetModuleFileNameA
SetConsoleTitleW
FindFirstChangeNotificationA
EnumResourceNamesA
GetConsoleTitleW
LocalFree
BeginUpdateResourceW
GetDefaultCommConfigW
HeapAlloc
GetStartupInfoW
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
DeleteCriticalSection
EnterCriticalSection
VirtualFree
HeapReAlloc
HeapCreate
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
CloseHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetCommandLineW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
FlushFileBuffers
HeapSize
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
CreateFileA

Sections

.text
Size: 738KB - Virtual size: 737KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

}3Rz�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fab832f0eb05efca0f6cd66bd4fb20fa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 738KB - Virtual size: 737KB

.data Size: 24KB - Virtual size: 209KB

.rsrc Size: 54KB - Virtual size: 54KB

}3Rz�u� Size: 16KB - Virtual size: 20KB

.text
Size: 738KB - Virtual size: 737KB

.data
Size: 24KB - Virtual size: 209KB

.rsrc
Size: 54KB - Virtual size: 54KB

}3Rz�u�
Size: 16KB - Virtual size: 20KB