47e6e7d988085f0331332e47a32ad8063d468f4e535b2189cab790b729f92daf

General

Target

47e6e7d988085f0331332e47a32ad8063d468f4e535b2189cab790b729f92daf
Size

152KB
MD5

b427962b4e924ac85b4d73f8eb594d1a
SHA1

bb63d30820235493b80bb859ac151e457342909f
SHA256

47e6e7d988085f0331332e47a32ad8063d468f4e535b2189cab790b729f92daf
SHA512

49f8206b370771c8c87ce27d1bb0208b02a50db7ea59de70844040b00b78c93d0f7577d3564a5832c6ffb90ed6ca2f3664c3f2f7833759d25c17827f8cf77302
SSDEEP

3072:DN9dc54QcN4tfgUeyzqSsADIhPjIhTZ1OWibhA:DN9dc5T3gUeIy2hTZ/ehA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47e6e7d988085f0331332e47a32ad8063d468f4e535b2189cab790b729f92daf

Files

47e6e7d988085f0331332e47a32ad8063d468f4e535b2189cab790b729f92daf
.exe windows:4 windows x86 arch:x86

c1c7b3b55a191b18a9ed145a54e45559

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

kernel32

SetLastError
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetPrivateProfileStringA
GetLocalTime
Sleep
LCMapStringA
GetStartupInfoA
GetCommandLineA
GetVersion
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetProcAddress
RaiseException
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadCodePtr
LCMapStringW
SetStdHandle
FlushFileBuffers

user32

wsprintfA
MessageBoxA
GetAsyncKeyState

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c1c7b3b55a191b18a9ed145a54e45559

Headers

File Characteristics

Imports

winmm

kernel32

user32

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 84KB - Virtual size: 137KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 84KB - Virtual size: 137KB