05bbca6ef696fed6f5415448f7b22e0326743d9a1045b3de976ce44e9047ed34

Sharing

Copy URL Twitter E-mail

General

Target

05bbca6ef696fed6f5415448f7b22e0326743d9a1045b3de976ce44e9047ed34
Size

20KB
MD5

1ed6d657b9ff6c18cc6fedfbc4bfa5c1
SHA1

5041e11efea063bed4516bc4c7b07664746d97f7
SHA256

05bbca6ef696fed6f5415448f7b22e0326743d9a1045b3de976ce44e9047ed34
SHA512

932304c191639f17818e3e58c4a4aeb0935164f077f3f40d02aabcf92266ee212736565860f001ae8c0a39bcdc266e5f017af6c43e6b5ea2c24d9a8b4660c867
SSDEEP

192:xzubRmNI013wjHhN6Ooynml2FiFJow8l7:66dkr6OviFJowW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05bbca6ef696fed6f5415448f7b22e0326743d9a1045b3de976ce44e9047ed34

Files

05bbca6ef696fed6f5415448f7b22e0326743d9a1045b3de976ce44e9047ed34
.exe windows:4 windows x86 arch:x86

dc0715a8279ddd900bc53f7348482140

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetModuleHandleW
CreateEventW
SetConsoleCtrlHandler
SetEvent
CloseHandle
GetStartupInfoW
GetStdHandle
SetConsoleTitleW
SetConsoleTextAttribute
SetConsoleWindowInfo
LocalFree
LoadLibraryW
GetProcAddress
FreeLibrary
MapViewOfFile
GetLastError
FormatMessageW
UnmapViewOfFile
InterlockedExchange
WaitForSingleObject
GetTickCount
Sleep

mfc42u

ord825
ord561
ord815
ord2385
ord1568

msvcrt

wcscat
wcschr
_wtoi
wcscpy
_iob
fputwc
wcsrchr
swprintf
setlocale
wprintf
__CxxFrameHandler
_putws
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
__p___winitenv
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
?endl@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@1@AAV21@@Z
?wcout@std@@3V?$basic_ostream@GU?$char_traits@G@std@@@1@A

etautomark

?ETInitAutoMark@@YAHXZ
?ETReleaseAutoMark@@YAXXZ
?ETAutoMark_NET2@@YAHHHPBGP6AHNPAX@ZH1AAN@Z

advapi32

FreeSid
AllocateAndInitializeSid

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc0715a8279ddd900bc53f7348482140

Headers

File Characteristics

Imports

kernel32

mfc42u

msvcrt

msvcp60

etautomark

advapi32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1000B

.rsrc Size: 4KB - Virtual size: 160B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1000B

.rsrc
Size: 4KB - Virtual size: 160B