cea3e8cb3eb4d3f46e86f0a57de4dbc3125e98958b73efb8448a280bac01e9f1

Sharing

Copy URL Twitter E-mail

General

Target

cea3e8cb3eb4d3f46e86f0a57de4dbc3125e98958b73efb8448a280bac01e9f1
Size

562KB
MD5

2db7bdf4e21630dcf8fdc2587933fdb5
SHA1

78d5f9836ddfc9a3a317c76893c771c25d3c28ae
SHA256

cea3e8cb3eb4d3f46e86f0a57de4dbc3125e98958b73efb8448a280bac01e9f1
SHA512

742c353ca125381cc0df40e2828edefade4d800db2b20cc34cd67c1983c0efa217b9fdad21add8c0ba2ca961af2ad8f29a543fded56a7add07eb5f36d7def757
SSDEEP

6144:CQEX9LuTpj8Qtj+oUiaaNWv6VEpMn/vx2rRX2AOoamx3xX:KX9LuljTxJUilYveEjo5g3h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cea3e8cb3eb4d3f46e86f0a57de4dbc3125e98958b73efb8448a280bac01e9f1

Files

cea3e8cb3eb4d3f46e86f0a57de4dbc3125e98958b73efb8448a280bac01e9f1
.exe windows:6 windows x86 arch:x86

9111f5e8761a8738e7879acdfaa87cf8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\WS\tv_prel_dcr\build_cmake_win\Release\TeamViewer_Note.pdb

Imports

kernel32

LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
GetModuleFileNameW
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
RaiseException
DeleteCriticalSection
GetLastError
InitializeCriticalSectionEx
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
DecodePointer
GetProcAddress
FreeLibrary
VerSetConditionMask
VerifyVersionInfoW
IsWow64Process
GetCurrentProcess
SetSearchPathMode
SetDllDirectoryW
HeapSetInformation
SetProcessDEPPolicy
GetSystemDirectoryW
LoadLibraryExW
CreateFileW
CloseHandle
GetFileAttributesW
WideCharToMultiByte
GetSystemInfo
VirtualProtect
VirtualQuery
GetModuleHandleW
InitOnceBeginInitialize
InitOnceComplete
MultiByteToWideChar
GetStringTypeW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryEnterCriticalSection
EncodePointer
LCMapStringEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
IsDebuggerPresent
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetCurrentProcessId
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetFileType
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
WriteConsoleW

Sections

.text
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9111f5e8761a8738e7879acdfaa87cf8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 185KB - Virtual size: 184KB

.rdata Size: 69KB - Virtual size: 68KB

.data Size: 5KB - Virtual size: 8KB

.didat Size: 512B - Virtual size: 280B

.rsrc Size: 290KB - Virtual size: 290KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 185KB - Virtual size: 184KB

.rdata
Size: 69KB - Virtual size: 68KB

.data
Size: 5KB - Virtual size: 8KB

.didat
Size: 512B - Virtual size: 280B

.rsrc
Size: 290KB - Virtual size: 290KB

.reloc
Size: 11KB - Virtual size: 10KB