151e25f0549fa1eb10fe1e674539d639f4eca600caf93e113a5d7b35ab0accbd

Sharing

Copy URL

Twitter E-mail

General

Target

151e25f0549fa1eb10fe1e674539d639f4eca600caf93e113a5d7b35ab0accbd
Size

588KB
MD5

c9e3c32ff530b880dc99a25d146b3ffc
SHA1

72668e423fce9eb9546a57b495e993785eb81f13
SHA256

151e25f0549fa1eb10fe1e674539d639f4eca600caf93e113a5d7b35ab0accbd
SHA512

2047edb2e08609175e46af670a4824f64addbfb9918e432a769f1cd513b2eb7767c10589edfac7497f3cdb70da51dbaecb6eb5e0bc26946918b7a2977df99170
SSDEEP

6144:oGXBqTi0hbFVJnsdPq0TYU4bWmb8pRYp9HtfqQnHlETCf/MiO7OhQPdVw1iieJVB:oGXknsdPhTYUDvU9nHWTFPdxJVQX+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
151e25f0549fa1eb10fe1e674539d639f4eca600caf93e113a5d7b35ab0accbd

Files

151e25f0549fa1eb10fe1e674539d639f4eca600caf93e113a5d7b35ab0accbd
.exe windows:5 windows x64 arch:x64

f9aab2db3d513b3cc8d4495d3558aeea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

H:\2005demo编译\2005demo\x64\Release\2005demo.pdb

Imports

kernel32

Sleep
SetConsoleTitleA
GetTickCount
GetCurrentProcessId
GetConsoleTitleA
GetProcAddress
LoadLibraryA
GetStringTypeW
MultiByteToWideChar
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetCommandLineA
HeapAlloc
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
HeapSetInformation
GetVersion
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW
HeapReAlloc
LCMapStringW

user32

wsprintfA
FindWindowA
UpdateWindow
ShowWindow

Exports

Exports

GetConsoleWindow

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 537KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9aab2db3d513b3cc8d4495d3558aeea

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 537KB - Virtual size: 542KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 448B

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 537KB - Virtual size: 542KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 448B