eac24946fe0c5ede8915b2720c6c743d3542f8b0489f44e10c4b31638ce24f30

Sharing

Copy URL Twitter E-mail

General

Target

eac24946fe0c5ede8915b2720c6c743d3542f8b0489f44e10c4b31638ce24f30
Size

263KB
MD5

96a3b2a502cdfa1945236d59d7de9d89
SHA1

57a7178964945e75d7c42b5b5c210647548a0b15
SHA256

eac24946fe0c5ede8915b2720c6c743d3542f8b0489f44e10c4b31638ce24f30
SHA512

8e36d6f37915c9081b6af72e144ee22ee22c497824d9d6c1fa55da1652331766bd30ee3cf72b8fc9dd07a44a6adb0fdb71492e6e60188a282a096266ad12d4ad
SSDEEP

6144:8MRMO3asdlM3burg5QQIHn/FsnZAfm0N9+e/huc0HJvHgKJIAHD:ZMsdl4QmQZ/FsZom+s2hSHJvkAHD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eac24946fe0c5ede8915b2720c6c743d3542f8b0489f44e10c4b31638ce24f30

Files

eac24946fe0c5ede8915b2720c6c743d3542f8b0489f44e10c4b31638ce24f30
.exe windows:6 windows x86 arch:x86

10bba68253a7b45b124a4ef9213617db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
GetLastError
OutputDebugStringW
LocalFree
ExitProcess
GetModuleHandleW
WriteProcessMemory
SetLastError
GetCurrentProcess
TerminateProcess
ResumeThread
CloseHandle
LoadLibraryW
VirtualProtectEx
GetProcAddress
VirtualAllocEx
ReadProcessMemory
CreateProcessW
VirtualQueryEx
GetCurrentThreadId
WriteFile
FreeLibrary
LoadLibraryExW
WriteConsoleW
HeapReAlloc
HeapSize
CreateFileW
GetStringTypeW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
DecodePointer
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapFree
HeapAlloc
LCMapStringW
SetFilePointerEx
GetFileType
FindClose
FindFirstFileExW
FindNextFileW

user32

CreateDialogParamW
PostMessageW
GetMessageW
ShowWindow
DispatchMessageW
TranslateMessage
PostQuitMessage
MessageBoxW
DestroyWindow

shell32

CommandLineToArgvW

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10bba68253a7b45b124a4ef9213617db

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 177KB - Virtual size: 177KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 177KB - Virtual size: 177KB