2df6ae48f978f4153ca7014fda0c43a0N

Sharing

Copy URL

Twitter E-mail

General

Target

2df6ae48f978f4153ca7014fda0c43a0N
Size

551KB
MD5

2df6ae48f978f4153ca7014fda0c43a0
SHA1

b01223fd1099e8499ad99a4bdef7dcfb0a87d389
SHA256

70f0c3034b67a141c9871881f44a111b236ca1741518b1a0e82a3b542349109a
SHA512

6bf4bf657633ce27768ce15c8019331eff26bec49912dc52dba735e2a3839979bdce3a0e8fb088a409e1bb134fc96e896308c220abd042a61fb7d113933176bb
SSDEEP

12288:7N8Ijm1RfSdAHdW2MY33E+CddtyIDn2aFGnF2fDusHHS:6IjLdIW2My3CdffHqEuyS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

2df6ae48f978f4153ca7014fda0c43a0N

resource
2df6ae48f978f4153ca7014fda0c43a0N

Files

2df6ae48f978f4153ca7014fda0c43a0N
.exe windows:5 windows x86 arch:x86

491e594dd178e0e1cc881884afe309e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\nepaketoy 40-lic ligekeh69\vuziloc-poko-xewuxuticabew\foc.pdb

Imports

kernel32

GetComputerNameA
EnumResourceNamesW
GetThreadIOPendingFlag
SetPriorityClass
lstrlenA
TlsGetValue
CommConfigDialogA
CallNamedPipeA
LoadResource
ZombifyActCtx
ScrollConsoleScreenBufferW
WritePrivateProfileSectionA
GlobalSize
SetHandleInformation
WaitForSingleObject
WriteConsoleInputA
SetComputerNameW
AddConsoleAliasW
SetVolumeMountPointW
GetTickCount
GetConsoleAliasesLengthA
GetWindowsDirectoryA
EnumTimeFormatsA
FindResourceExA
GlobalAlloc
GetVolumeInformationA
GetConsoleMode
ReadConsoleInputA
GetPrivateProfileStructW
SizeofResource
DnsHostnameToComputerNameW
SetConsoleMode
SetConsoleCursorPosition
GetFileAttributesW
LocalReAlloc
WriteConsoleW
IsDBCSLeadByte
ReadFile
CompareStringW
SetThreadPriority
SetConsoleTitleA
DeactivateActCtx
CreateJobObjectA
VerifyVersionInfoW
InterlockedExchange
GetFileSizeEx
SetThreadLocale
GetStdHandle
FillConsoleOutputCharacterW
FindFirstFileExA
GetLastError
SetLastError
ReadConsoleOutputCharacterA
GetProcAddress
VirtualAlloc
WriteProfileSectionA
SetStdHandle
SetFileApisToOEM
LoadLibraryA
OpenMutexA
ProcessIdToSessionId
MoveFileA
AddAtomW
SetCurrentDirectoryW
SetFileApisToANSI
GetPrivateProfileSectionNamesA
GetProcessShutdownParameters
DebugBreakProcess
BuildCommDCBA
WaitForDebugEvent
ScrollConsoleScreenBufferA
GetCurrentThreadId
OpenSemaphoreW
GetVersionExA
LocalSize
FindAtomW
DebugBreak
FindActCtxSectionStringW
CloseHandle
CreateFileW
DeleteFileA
InterlockedIncrement
InterlockedDecrement
DecodePointer
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
IsProcessorFeaturePresent
HeapValidate
IsBadReadPtr
GetModuleFileNameW
WriteFile
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsSetValue
TlsFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
RaiseException
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
OutputDebugStringA
OutputDebugStringW
SetFilePointer
GetConsoleCP
FlushFileBuffers

user32

GetMessageTime
GetMenuInfo

Exports

Exports

_get@12

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 335KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

491e594dd178e0e1cc881884afe309e4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 335KB - Virtual size: 355KB

.rsrc Size: 42KB - Virtual size: 46KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 335KB - Virtual size: 355KB

.rsrc
Size: 42KB - Virtual size: 46KB