225e8043b4cbb1f5e64f800dce016c8dffe803bae5c596eb62bfe2cb5dac2de5

Resubmissions

27-08-2024 20:54

240827-zp92wsshmm 10

27-08-2024 20:49

240827-zmfp9ssgjr 10

Sharing

Copy URL

Twitter E-mail

General

Target

225e8043b4cbb1f5e64f800dce016c8dffe803bae5c596eb62bfe2cb5dac2de5
Size

813KB
MD5

03851cdd1e543a7f09c0e4ade384bfd4
SHA1

342860ec1d18ac3b2cccd35ca2794d1db7c71353
SHA256

225e8043b4cbb1f5e64f800dce016c8dffe803bae5c596eb62bfe2cb5dac2de5
SHA512

4b6ed235558eeeffac123b707d5d9cb1af448c83162e75051459f8f9eb85cfdb9df903460faf22279df5497efab9c747fa8f1588f38312a7a364a363a3e91b38
SSDEEP

12288:R+KI630b+EJrbydbNKDcEi453oh1Nj0DYK636Zstz0pW5CDmyipL+1ea0mw:Rzkb+qHSbIZz5hW6Z2z0pW9+QFmw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
225e8043b4cbb1f5e64f800dce016c8dffe803bae5c596eb62bfe2cb5dac2de5

Files

225e8043b4cbb1f5e64f800dce016c8dffe803bae5c596eb62bfe2cb5dac2de5
.exe windows:5 windows x86 arch:x86

b8f1346e08181553ffb97208dd7623c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\humodaxuy.pdb

Imports

kernel32

ExitProcess
GetCommandLineW
GetTempFileNameW
GetPrivateProfileSectionNamesW
GlobalFix
SearchPathW
WritePrivateProfileStructA
CopyFileExW
GetDriveTypeW
DebugActiveProcessStop
SetEndOfFile
BuildCommDCBAndTimeoutsA
LoadResource
SystemTimeToTzSpecificLocalTime
DeleteVolumeMountPointA
ScrollConsoleScreenBufferW
SetConsoleActiveScreenBuffer
SetHandleInformation
GetProfileStringW
GetProfileSectionA
SetComputerNameW
FlushConsoleInputBuffer
CallNamedPipeW
GetProcessPriorityBoost
CreateNamedPipeW
IsBadReadPtr
EnumTimeFormatsW
TlsSetValue
GlobalAlloc
LoadLibraryW
GetConsoleMode
GetSystemPowerStatus
GlobalFlags
HeapCreate
GetFileAttributesW
GetBinaryTypeA
GetTimeZoneInformation
GetConsoleFontSize
GetOverlappedResult
lstrlenW
DisconnectNamedPipe
RaiseException
DeactivateActCtx
CreateJobObjectA
FreeLibraryAndExitThread
OpenMutexW
GetLastError
GetCurrentDirectoryW
SetLastError
GetProcAddress
VirtualAlloc
SetVolumeLabelW
LocalLock
MoveFileW
CopyFileA
GetConsoleDisplayMode
EnterCriticalSection
OpenWaitableTimerA
GetLocalTime
OpenThread
WriteConsoleA
SetConsoleOutputCP
SetFileApisToANSI
SetCommMask
GetTapeParameters
WaitForMultipleObjects
SetSystemTime
GetOEMCP
WriteProfileStringA
GetModuleHandleA
RequestWakeupLatency
GetConsoleCursorInfo
OpenSemaphoreW
AddConsoleAliasA
GetVolumeInformationW
lstrcpyA
WideCharToMultiByte
MoveFileA
GetStartupInfoW
HeapValidate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetACP
GetCPInfo
IsValidCodePage
TlsGetValue
GetModuleHandleW
TlsAlloc
GetCurrentThreadId
TlsFree
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapFree
VirtualFree
GetModuleFileNameA
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LoadLibraryA
FlushFileBuffers
ReadFile
SetStdHandle
GetConsoleOutputCP
CloseHandle
CreateFileA

user32

GetCursorInfo

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 600KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

b8f1346e08181553ffb97208dd7623c2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 600KB - Virtual size: 660KB

.rsrc Size: 49KB - Virtual size: 49KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 600KB - Virtual size: 660KB

.rsrc
Size: 49KB - Virtual size: 49KB