c186d12f0c03836afec5333a642287cd1eaa458a55496e7be779f54c88f6661c

Sharing

Copy URL Twitter E-mail

General

Target

c186d12f0c03836afec5333a642287cd1eaa458a55496e7be779f54c88f6661c
Size

458KB
MD5

7449c9457168c803ef63489025be93c4
SHA1

c17b217bf7c9d19cafc817089fd95b86a2e1fc5b
SHA256

c186d12f0c03836afec5333a642287cd1eaa458a55496e7be779f54c88f6661c
SHA512

e986c47c0bf7fc762a4eb80c7f4e2741e86043a3162fb02c9bdc41a7a1a1e33cb2ace01dd348ba8e0bc3a6d8876346174411657f5b479d51b3c0384a9192bc69
SSDEEP

12288:/u7dHPU+ZZoyG9iu6Y0+Txihmbttq49PjLi:/u79fZrE6Y0ZmbtzFy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c186d12f0c03836afec5333a642287cd1eaa458a55496e7be779f54c88f6661c

Files

c186d12f0c03836afec5333a642287cd1eaa458a55496e7be779f54c88f6661c
.exe windows:6 windows x86 arch:x86

086b5534303e2b325880f187f0010658

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
GetLastError
FindNextFileW
FindClose
MoveFileExW
CloseHandle
AddVectoredExceptionHandler
SetThreadStackGuarantee
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetCurrentProcessId
SystemTimeToTzSpecificLocalTime
GetCommandLineW
GetProcessId
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
GetTimeZoneInformationForYear
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsSetValue
GetCurrentThread
InitOnceBeginInitialize
TlsAlloc
InitOnceComplete
TlsFree
TryAcquireSRWLockExclusive
GetStdHandle
GetConsoleMode
WaitForSingleObject
SetFilePointerEx
MultiByteToWideChar
WriteConsoleW
SetLastError
GetModuleHandleW
FormatMessageW
GetCurrentDirectoryW
ReleaseMutex
WaitForSingleObjectEx
LoadLibraryA
GetCurrentProcess
CreateMutexA
RtlCaptureContext
GetEnvironmentVariableW
GetModuleFileNameW
CreateFileW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFullPathNameW
CreateDirectoryW
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringOrdinal
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
GetFileAttributesW
DuplicateHandle
CreateThread
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
CreateNamedPipeW
ReadFileEx
SleepEx
WriteFileEx
GetSystemTimeAsFileTime
AcquireSRWLockShared
ReleaseSRWLockShared
DeleteFileW
SystemTimeToFileTime
GetConsoleOutputCP
FlushFileBuffers
HeapSize
QueryPerformanceCounter
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
FreeLibrary
LoadLibraryExA
RtlUnwind
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
WriteFile
ExitProcess
GetModuleHandleExW
GetCommandLineA
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WideCharToMultiByte
SetEnvironmentVariableW
SetStdHandle
GetFileType
GetStringTypeW
CompareStringW
LCMapStringW
DecodePointer

user32

AllowSetForegroundWindow

ntdll

NtReadFile
RtlNtStatusToDosError
NtWriteFile

Sections

.text
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

086b5534303e2b325880f187f0010658

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ntdll

Sections

.text Size: 283KB - Virtual size: 283KB

.rdata Size: 80KB - Virtual size: 80KB

.data Size: 2KB - Virtual size: 5KB

.reloc Size: 12KB - Virtual size: 12KB

.rsrc Size: 78KB - Virtual size: 77KB

.text
Size: 283KB - Virtual size: 283KB

.rdata
Size: 80KB - Virtual size: 80KB

.data
Size: 2KB - Virtual size: 5KB

.reloc
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 78KB - Virtual size: 77KB