cd2589d7c441d5b39cd682e477d9ac39cffe6d1999e5d4b919e7f1e85c7d3676

Sharing

Copy URL Twitter E-mail

General

Target

cd2589d7c441d5b39cd682e477d9ac39cffe6d1999e5d4b919e7f1e85c7d3676
Size

4.2MB
MD5

f7d763a9b4e3e15df84a751f8952659e
SHA1

8c72cb6c33a4296cbd4ecded942c28606f6c50c7
SHA256

cd2589d7c441d5b39cd682e477d9ac39cffe6d1999e5d4b919e7f1e85c7d3676
SHA512

1c9a585334c43c0c8bebab08ff6a1b42eaa665b5f70bd4708c7d8da5bbc3a5669bbf731c689c3b3b6e56d751bc6d7b4844b7f8900cb43f27a42d869036b3557f
SSDEEP

49152:fiBBo1LC1f5faAxSyg14rdI2RET8MQhXkvDWcLmIOMUjctHk+XS8yz24SLezjDJh:FU5MTl1KP0L6Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd2589d7c441d5b39cd682e477d9ac39cffe6d1999e5d4b919e7f1e85c7d3676

Files

cd2589d7c441d5b39cd682e477d9ac39cffe6d1999e5d4b919e7f1e85c7d3676
.exe windows:5 windows x64 arch:x64

d4e9bad46b4f4a9214d56d738f2d4148

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleFileNameW
LoadLibraryW
FlushFileBuffers
GetFileType
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FlsFree
FlsSetValue
RaiseException
FlsAlloc
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
WriteFile
RtlPcToFileHeader
TlsFree
TlsSetValue
TlsGetValue
CompareStringW
GetStringTypeW
LCMapStringW
DeleteCriticalSection
EncodePointer
VirtualQuery
RtlUnwindEx
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetFileAttributesW
FreeLibrary
GetConsoleOutputCP
GetSystemDirectoryW
GetTickCount
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
SetFilePointerEx
RtlAddFunctionTable
RtlDeleteFunctionTable
GetProcessHeap
HeapAlloc
FindClose
FindFirstFileW
FindNextFileW
CreateFileW
GetEnvironmentVariableW
GetCurrentDirectoryW
FormatMessageW
GetModuleHandleW
WriteConsoleW
MultiByteToWideChar
WaitForSingleObject
GetConsoleMode
GetStdHandle
SetLastError
LocalFree
GetCurrentThread
AddVectoredExceptionHandler
VirtualProtect
GetNativeSystemInfo
CreateThread
SwitchToThread
GetModuleHandleA
UnmapViewOfFile
EnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
VirtualFree
GetLastError
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
HeapSize
TlsAlloc
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
lstrlenW
CloseHandle
CreateMutexA
GetCurrentProcessId
ReleaseMutex
WideCharToMultiByte
GetCurrentProcess
GetProcAddress
LoadLibraryA
WaitForSingleObjectEx
HeapReAlloc
FlsGetValue
HeapFree

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 750KB - Virtual size: 750KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4e9bad46b4f4a9214d56d738f2d4148

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 3.3MB - Virtual size: 3.3MB

.rdata Size: 750KB - Virtual size: 750KB

.data Size: 87KB - Virtual size: 93KB

.pdata Size: 82KB - Virtual size: 81KB

.reloc Size: 34KB - Virtual size: 33KB

.text
Size: 3.3MB - Virtual size: 3.3MB

.rdata
Size: 750KB - Virtual size: 750KB

.data
Size: 87KB - Virtual size: 93KB

.pdata
Size: 82KB - Virtual size: 81KB

.reloc
Size: 34KB - Virtual size: 33KB