50e85ac3d9bdf258c9c511b687f2ec6e1a09604cd91947633d2ee6c1d56c0260

Sharing

Copy URL

Twitter E-mail

General

Target

50e85ac3d9bdf258c9c511b687f2ec6e1a09604cd91947633d2ee6c1d56c0260
Size

287KB
MD5

fcf3ff415044e14199d68d62de873472
SHA1

3bd17ad9fd41b3078de18e19e85df46c71eeb545
SHA256

50e85ac3d9bdf258c9c511b687f2ec6e1a09604cd91947633d2ee6c1d56c0260
SHA512

054a62c84682fc8eb5adec9f4290ee400a14e827ad091ed8f8d48cc62febf187f38eacc76d438bddb99a8e7c65480893ec89abc85e292cde23bc4b2690bd16a0
SSDEEP

6144:fx7GSfhDn+jh+LcOB0Vl3k30t9WkCeVpY55rfMR2efAIA:tGShz2hUwU3auxPzzpIA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50e85ac3d9bdf258c9c511b687f2ec6e1a09604cd91947633d2ee6c1d56c0260

Files

50e85ac3d9bdf258c9c511b687f2ec6e1a09604cd91947633d2ee6c1d56c0260
.exe windows:5 windows x86 arch:x86

277f12ee4593006d0849fdfcafe37abf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GetCurrentProcess
GetLogicalDriveStringsW
InterlockedCompareExchange
SetVolumeMountPointW
GetModuleHandleW
GetTickCount
CreateNamedPipeW
FindNextVolumeMountPointA
GetNumberFormatA
CreateActCtxW
TlsSetValue
SetFileShortNameW
LoadLibraryW
LocalShrink
GetLocaleInfoW
GetCalendarInfoA
SetConsoleCP
GetFileAttributesW
GetModuleFileNameW
GetShortPathNameA
CreateJobObjectA
LCMapStringA
VerifyVersionInfoW
InterlockedExchange
GlobalUnfix
GetLastError
SetLastError
GetProcAddress
EnumSystemCodePagesW
GetConsoleDisplayMode
SetComputerNameA
LoadModule
SetThreadPriorityBoost
GetCommState
LocalAlloc
GetFileType
CreateFileMappingW
CreateHardLinkW
GetNumberFormatW
CreateEventW
FoldStringA
SetEnvironmentVariableA
EnumDateFormatsA
GetProcessShutdownParameters
LoadLibraryExA
VirtualProtect
GetCurrentDirectoryA
GetFileTime
OpenEventW
PeekConsoleInputA
SetCalendarInfoA
GetVersionExA
GetDiskFreeSpaceExW
GetWindowsDirectoryW
DebugBreak
GetTempPathA
EnumCalendarInfoExA
CommConfigDialogW
WriteConsoleW
CreateFileW
IsProcessorFeaturePresent
RaiseException
FlushFileBuffers
GetConsoleAliasExesLengthA
SetEndOfFile
GetConsoleAliasExesA
EnumCalendarInfoA
GlobalMemoryStatus
SetDefaultCommConfigA
MultiByteToWideChar
HeapFree
HeapAlloc
EncodePointer
DecodePointer
HeapReAlloc
GetCommandLineW
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsFree
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
HeapCreate
ExitProcess
WriteFile
GetStdHandle
Sleep
HeapSize
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
CloseHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WideCharToMultiByte
LCMapStringW
GetStringTypeW
RtlUnwind
SetStdHandle
GetConsoleCP
GetConsoleMode

user32

LoadMenuA
GetMenuStringW
CharUpperA
GetMenu
GetWindowLongW
DrawStateW
SetCaretPos
InsertMenuItemW

gdi32

GetCharWidthFloatA
CreateDCA
DeleteMetaFile
GetCharWidth32A
GetTextMetricsA
GetBkMode

Sections

.text
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 32.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.howo
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mog
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

277f12ee4593006d0849fdfcafe37abf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 229KB - Virtual size: 228KB

.data Size: 23KB - Virtual size: 32.1MB

.howo Size: 1024B - Virtual size: 1024B

.mog Size: 512B - Virtual size: 214B

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 229KB - Virtual size: 228KB

.data
Size: 23KB - Virtual size: 32.1MB

.howo
Size: 1024B - Virtual size: 1024B

.mog
Size: 512B - Virtual size: 214B

.rsrc
Size: 32KB - Virtual size: 32KB