Static task
static1
Behavioral task
behavioral1
Sample
80db7ca918eab444fef4b4668520f36e7013e8698bd29bd8da4e9a53dad01067.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
80db7ca918eab444fef4b4668520f36e7013e8698bd29bd8da4e9a53dad01067.exe
Resource
win10v2004-20240802-en
General
-
Target
80db7ca918eab444fef4b4668520f36e7013e8698bd29bd8da4e9a53dad01067
-
Size
28KB
-
MD5
4fbf57512b465ce3a6666a85a395526b
-
SHA1
1412270df9b9ac074c0807d429df7dbd25725d32
-
SHA256
80db7ca918eab444fef4b4668520f36e7013e8698bd29bd8da4e9a53dad01067
-
SHA512
0fe719f79b0d1562885ff4ffefe0c21879bf95a1a422e463e43bc1263f3eae90fb5bac53105dc5880da66b5efedec4440b40b7a640d1f4721bfc263950245ca2
-
SSDEEP
768:JhcuFQ/638hzUBwByJZ8BjzFhW9QRLnBqXpjHaIOXivqxjQ:3cuFQ/63M6AhFhW9QNeB6IOivqxjQ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
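Checks for missing Authenticode signature. The sample carries no Authenticode signature, so its publisher and integrity cannot be verified from the file itself; taken alone this is a weak indicator and should be weighed together with the other findings.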
resource 80db7ca918eab444fef4b4668520f36e7013e8698bd29bd8da4e9a53dad01067
Files
-
80db7ca918eab444fef4b4668520f36e7013e8698bd29bd8da4e9a53dad01067.exe windows:5 windows x86 arch:x86
46be1b7fa62c84f0763cea38f29f95d1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalFree
GetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
GetConsoleOutputCP
GetFileType
GetStdHandle
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
ReadFile
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
ExitProcess
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
HeapReAlloc
HeapFree
GetCurrentProcessId
SetLastError
WriteConsoleW
HeapSize
HeapAlloc
GetProcessHeap
HeapValidate
WideCharToMultiByte
VerifyVersionInfoW
FormatMessageW
CompareStringA
GetThreadLocale
CompareStringW
GetConsoleMode
LocalFree
GetModuleFileNameW
lstrlenW
VerSetConditionMask
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_exit
_c_exit
_iob
_vsnwprintf
_errno
_get_osfhandle
_fileno
wcstod
wcstoul
wcstol
fflush
fprintf
advapi32
IsTextUnicode
user32
SetClipboardData
EmptyClipboard
OpenClipboard
CharUpperW
LoadStringW
CloseClipboard
ws2_32
WSACleanup
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
shlwapi
StrChrW
StrChrIW
StrStrW
StrStrIW
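Sections
Note: in the listing below, .text and .rsrc each carry both IMAGE_SCN_MEM_EXECUTE and IMAGE_SCN_MEM_WRITE, and .rsrc is additionally marked IMAGE_SCN_CNT_CODE with a virtual size (40KB) larger than its raw size (8KB). Sections that are both writable and executable are atypical for standard linker output and are worth checking for packing or self-modifying code.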
.text Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 344B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE