72a7efd31af6e35bf32e0684d3edc540N

Sharing

Copy URL

Twitter E-mail

General

Target

72a7efd31af6e35bf32e0684d3edc540N
Size

4.4MB
MD5

72a7efd31af6e35bf32e0684d3edc540
SHA1

c7b6a4a5b59811d2d907a484b69cd928fb6aa667
SHA256

05609d27a6c36dbd7c7ed6753b37a60e86d7090de75574f0053bf3df6cf888e3
SHA512

8d5e202150283760e3cd2db6250a1f9131edc42d5954af3b656cca77ffa15a199a838c9d54efed5822b856e376acc871dca480682b955d8a829fdd74ae549ba8
SSDEEP

98304:aKmzWmXQF2X+xLHaMlUDHfSYp/fiSDErziRJHj4Igp8c9mE7x4j:HmhwK+xbanDNpninirHjPY9mKx4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72a7efd31af6e35bf32e0684d3edc540N

Files

72a7efd31af6e35bf32e0684d3edc540N
.exe windows:5 windows x86 arch:x86

661bc2c985f77ecfc0f4afb69eba9855

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\pad\9\xocaxexidey\jihuzeyobix\gum.pdb

Imports

kernel32

GlobalFix
HeapReAlloc
lstrlenA
CopyFileExW
SetEndOfFile
InterlockedIncrement
SetEnvironmentVariableW
GetModuleHandleExW
CreateDirectoryW
SetHandleInformation
GetProfileSectionA
SetVolumeMountPointW
FreeEnvironmentStringsA
GetModuleHandleW
EnumTimeFormatsW
CreateActCtxW
GetDriveTypeA
TlsSetValue
GlobalAlloc
GetVolumeInformationA
LoadLibraryW
TerminateThread
ReadConsoleInputA
GetPrivateProfileStructW
WritePrivateProfileStructW
SetConsoleMode
VerifyVersionInfoA
WriteConsoleW
GetBinaryTypeA
WritePrivateProfileSectionW
GetAtomNameW
IsDBCSLeadByte
ReadFile
CreateFileW
GetOverlappedResult
CompareStringW
GetACP
SetCurrentDirectoryA
FillConsoleOutputCharacterA
GetHandleInformation
GetLastError
GetCurrentDirectoryW
GetThreadLocale
ReadConsoleOutputCharacterA
GetProcAddress
GetComputerNameExW
IsValidCodePage
CopyFileA
SetComputerNameA
BuildCommDCBW
ResetEvent
LoadLibraryA
OpenMutexA
WriteConsoleA
UnhandledExceptionFilter
OpenWaitableTimerW
LocalAlloc
GetFileType
AddAtomW
WriteProfileSectionW
GetCommMask
SetSystemTime
GetModuleFileNameA
SetConsoleCursorInfo
SetConsoleTitleW
RequestWakeupLatency
GetCPInfoExA
SetCalendarInfoA
OpenSemaphoreW
GetVersionExA
ReadConsoleInputW
LocalSize
LCMapStringW
SetFilePointer
SetStdHandle
CloseHandle
FindFirstFileA
GetTempFileNameW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
InterlockedDecrement
DecodePointer
ExitProcess
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetModuleFileNameW
WriteFile
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapValidate
IsBadReadPtr
TlsAlloc
TlsGetValue
TlsFree
SetLastError
HeapCreate
GetOEMCP
GetCPInfo
OutputDebugStringA
OutputDebugStringW
RtlUnwind
MultiByteToWideChar
HeapAlloc
HeapSize
HeapQueryInformation
HeapFree
WideCharToMultiByte
GetStringTypeW
IsProcessorFeaturePresent
FlushFileBuffers
GetConsoleCP
GetConsoleMode
RaiseException

user32

GetMessageTime
GetMenuCheckMarkDimensions

advapi32

AdjustTokenPrivileges

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

661bc2c985f77ecfc0f4afb69eba9855

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 21KB - Virtual size: 41KB

.rsrc Size: 26KB - Virtual size: 4.7MB

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 21KB - Virtual size: 41KB

.rsrc
Size: 26KB - Virtual size: 4.7MB