533627f07841ccfd8c96140ea5e15e90N

Sharing

Copy URL

Twitter E-mail

General

Target

533627f07841ccfd8c96140ea5e15e90N
Size

529KB
MD5

533627f07841ccfd8c96140ea5e15e90
SHA1

9b5b372486ef3a43778d1866c52c2ad196eaefd9
SHA256

5949273ce1505d6f4614171f4bacddd94e01b0ecfbf962bf04e9ba8ee3e66efb
SHA512

bf11bbc8c1bae3256141a5267a14c6ff36ca6eb3a91e9f791b2732c7cffddaac4becd965470f85bc38834f332b60ff0d39641ff35dfab20937263fca7cb830e8
SSDEEP

12288:v+hf4gCqWzZzfm3s9q7xC5cbnRdkMuHknxA33Y:of4Xw32q1uu/56

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
533627f07841ccfd8c96140ea5e15e90N

Files

533627f07841ccfd8c96140ea5e15e90N
.exe windows:5 windows x86 arch:x86

dc9187ae7c558651590c298e2a7ad0e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\faxogifolamon\cewabekufan.pdb

Imports

kernel32

GetFileSize
FindFirstFileW
lstrlenA
GetModuleHandleExA
SetComputerNameExA
SetEndOfFile
CallNamedPipeA
SetEnvironmentVariableW
SetComputerNameW
FreeEnvironmentStringsA
EnumTimeFormatsW
GetPriorityClass
LoadLibraryW
ReadConsoleInputA
SetVolumeMountPointA
SetConsoleMode
VerifyVersionInfoA
WriteConsoleW
WritePrivateProfileSectionW
ReadFile
GetModuleFileNameW
CreateFileW
CreateActCtxA
CompareStringW
LCMapStringA
CreateDirectoryA
InterlockedExchange
SetThreadLocale
GetCPInfoExW
FillConsoleOutputCharacterW
GetHandleInformation
GetLastError
SetLastError
ReadConsoleOutputCharacterA
GlobalFix
GetTapeStatus
WriteProfileSectionA
SetStdHandle
BuildCommDCBW
ResetEvent
GetAtomNameA
LoadLibraryA
Process32FirstW
OpenMutexA
WriteConsoleA
OpenWaitableTimerW
LocalAlloc
SetConsoleWindowInfo
AddAtomA
FindAtomA
GetPrivateProfileSectionNamesA
ContinueDebugEvent
OpenFileMappingW
VirtualProtect
GetCurrentDirectoryA
CompareStringA
GetCurrentThreadId
OpenSemaphoreW
GetVersionExA
ReadConsoleInputW
LocalSize
GetWindowsDirectoryW
FileTimeToLocalFileTime
TlsFree
CopyFileExA
GetVolumeInformationW
FlushFileBuffers
GetProcAddress
GetComputerNameA
DeleteFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapValidate
IsBadReadPtr
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
DecodePointer
GetModuleHandleW
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
HeapCreate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
MultiByteToWideChar
SetFilePointer
RtlUnwind
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
OutputDebugStringA
OutputDebugStringW
CloseHandle
GetStringTypeW
RaiseException
IsProcessorFeaturePresent
LCMapStringW

user32

GetMessageTime
GetMenuInfo

advapi32

ImpersonateSelf

Sections

.text
Size: 436KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc9187ae7c558651590c298e2a7ad0e6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Sections

.text Size: 436KB - Virtual size: 436KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 20KB - Virtual size: 40KB

.rsrc Size: 33KB - Virtual size: 53KB

.text
Size: 436KB - Virtual size: 436KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 20KB - Virtual size: 40KB

.rsrc
Size: 33KB - Virtual size: 53KB