9ae0e924ec2bbcdaa51307afca0ceab64e7e07ff5a292bc39a95269051aed273

Sharing

Copy URL

Twitter E-mail

General

Target

9ae0e924ec2bbcdaa51307afca0ceab64e7e07ff5a292bc39a95269051aed273
Size

1.4MB
MD5

c777ac76464d78b43bd69d4f87e69e87
SHA1

117fa27b495338ba36239040379acd77e3cb1d77
SHA256

9ae0e924ec2bbcdaa51307afca0ceab64e7e07ff5a292bc39a95269051aed273
SHA512

30f128a6f9daf391990d6f7b7a5f8f59dcb8c39d3e3cad0e6f27bc9ed0f26979cb0b4b8997a4d169d774db3fdb7de332eb64f2cfe3755e1169b888a839bbbb88
SSDEEP

24576:gz3RWN9meJZJxVAfa726NGUi2F8UcyF//8tvvD3IfyNtblBiBCRDQE:3ui7Afa72692TwElBkCZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ae0e924ec2bbcdaa51307afca0ceab64e7e07ff5a292bc39a95269051aed273

Files

9ae0e924ec2bbcdaa51307afca0ceab64e7e07ff5a292bc39a95269051aed273
.exe windows:6 windows x64 arch:x64

375ef123d56cdfb909c9570227f73316

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Desktop\uuid\ConsoleApplication1\x64\Release\ConsoleApplication1.pdb

Imports

kernel32

HeapCreate
EnumSystemLocalesA
CloseHandle
HeapAlloc
GetConsoleWindow
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
GetModuleHandleW
IsProcessorFeaturePresent
QueryPerformanceCounter

user32

ShowWindow

rpcrt4

UuidFromStringA

vcruntime140

__current_exception
__current_exception_context
memset
__C_specific_handler
memcpy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func
__p__commode
_set_fmode

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_crt_atexit
terminate
_seh_filter_exe
_set_app_type
_initialize_onexit_table
_cexit
__p___argv
__p___argc
_c_exit
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_register_thread_local_exe_atexit_callback

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

iphlpapi

GetInterfaceInfo

msvcrt

_wcsnicmp

psapi

GetMappedFileNameW

advapi32

RegSetValueExA

shell32

SHGetFolderPathW

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

375ef123d56cdfb909c9570227f73316

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

rpcrt4

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

iphlpapi

msvcrt

psapi

advapi32

shell32

Sections

.text Size: 52KB - Virtual size: 52KB

.sedata Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 27KB - Virtual size: 28KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 52KB

.sedata
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 27KB - Virtual size: 28KB

.sedata
Size: 4KB - Virtual size: 4KB