221cb1484d8781fb292108b8b489659ed5b9484f929c8085fc7dee57b41eed91

General

Target

221cb1484d8781fb292108b8b489659ed5b9484f929c8085fc7dee57b41eed91
Size

21KB
MD5

d554aacceefe6af59cad23b5c27a49cd
SHA1

ab0c11c8b922f94ec410f48b3e4562471b2f35c0
SHA256

221cb1484d8781fb292108b8b489659ed5b9484f929c8085fc7dee57b41eed91
SHA512

96551d2fd10bfe8bb65282f09c8a066a93271b7d1c8e13cd83c7f172b4e0f90b36cfdac815ad0f66f1abf13e96053187ce75d32c60b44403558421cece5194ed
SSDEEP

384:7Ar628E0PLDfcb7O73a3U+GyCf5uhO0trAyD:7ArClvYOW3vGyCf5VmD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
221cb1484d8781fb292108b8b489659ed5b9484f929c8085fc7dee57b41eed91

Files

221cb1484d8781fb292108b8b489659ed5b9484f929c8085fc7dee57b41eed91
.exe windows:6 windows x64 arch:x64

5c85ab6b0f4c296043a6456d8a23ae40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

QueryPerformanceCounter
Sleep
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetCurrentThreadId
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetTickCount64
GetSystemDirectoryW
VirtualAlloc
VirtualQuery
FreeLibrary
GetModuleHandleW
GetProcAddress
GetModuleHandleExW
ExitProcess
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

msvcrt

free
_initterm
_initterm_e
_set_fmode
_errno
__getmainargs
_environ
_msize
_XcptFilter
__set_app_type
__argc
?_set_new_mode@@YAHH@Z
_commode
?terminate@@YAXXZ
realloc
__C_specific_handler
_amsg_exit
memset
memcpy
__argv
__CxxFrameHandler3

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c85ab6b0f4c296043a6456d8a23ae40

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 960B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 208B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 960B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 208B