93dd47da2afc31952d4cff646bc902dd8ec3564896dc7eaf1e1c163549a787c9

Sharing

Copy URL

Twitter E-mail

General

Target

93dd47da2afc31952d4cff646bc902dd8ec3564896dc7eaf1e1c163549a787c9
Size

6.1MB
MD5

b96494b51a30b3cc1a1063216058eb1c
SHA1

7047fcd8f168324dcd184ab501a15c4f768e361b
SHA256

93dd47da2afc31952d4cff646bc902dd8ec3564896dc7eaf1e1c163549a787c9
SHA512

a13bb12123c1fec3f1dee3df6330d3d104223a2925d25804c61e8edef77479cff7f182750c1de548c40856896be553b1f283a5ad105bd744190ba7a8902dff64
SSDEEP

98304:rtQVcaS/bht7bPGyRXJeMBZz5sAs5cVUH+oeHrYhpkCLBCIgMM1qJ0CO0:B6cLX/PGq4wWcVjYhpkEgM+z0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93dd47da2afc31952d4cff646bc902dd8ec3564896dc7eaf1e1c163549a787c9

Files

93dd47da2afc31952d4cff646bc902dd8ec3564896dc7eaf1e1c163549a787c9
.exe windows:6 windows x86 arch:x86

b92af7920132d9c164f3fefd70cac1d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

GetUserNameA

shell32

ShellExecuteA

ole32

CoCreateInstance

ws2_32

send

wtsapi32

WTSSendMessageW

user32

GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

Sections

.text
Size: - Virtual size: 438KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp457!
Size: - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp457!
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b92af7920132d9c164f3fefd70cac1d7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

ws2_32

wtsapi32

user32

Sections

.text Size: - Virtual size: 438KB

.rdata Size: - Virtual size: 92KB

.data Size: - Virtual size: 9KB

.vmp457! Size: - Virtual size: 3.6MB

.vmp457! Size: 5.9MB - Virtual size: 5.9MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 143KB - Virtual size: 142KB

.text
Size: - Virtual size: 438KB

.rdata
Size: - Virtual size: 92KB

.data
Size: - Virtual size: 9KB

.vmp457!
Size: - Virtual size: 3.6MB

.vmp457!
Size: 5.9MB - Virtual size: 5.9MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 143KB - Virtual size: 142KB