b8b7b90f809c36e29fe4d072c3ca58fff5333387c5e85baf91b082483518c102

Sharing

Copy URL

Twitter E-mail

General

Target

b8b7b90f809c36e29fe4d072c3ca58fff5333387c5e85baf91b082483518c102
Size

604KB
MD5

96683133ad494eeb2dc33d1c68e02582
SHA1

e10ddd945f7fade315489cc40a5654ba5cb2c672
SHA256

b8b7b90f809c36e29fe4d072c3ca58fff5333387c5e85baf91b082483518c102
SHA512

391ac2ae9f0127931c496edf9b680347edd8dfd970986dbb8e505098e4423693537e0f724cccfed6c6789de170bb540b51d32676f7883a654313dd9009ba7a9b
SSDEEP

6144:yXFFYLsH/0r7Ys1MFNjNIeGVOn0i511Z1VxOBNq5+iZuo3LZoagvYXni4kEIlFJt:yLYgHsg5F0I11Z1pHbZv4u6lFuo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8b7b90f809c36e29fe4d072c3ca58fff5333387c5e85baf91b082483518c102

Files

b8b7b90f809c36e29fe4d072c3ca58fff5333387c5e85baf91b082483518c102
.exe windows:5 windows x86 arch:x86

f8250be4329d3243c57b4a0ef0e0e955

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GetCurrentProcess
SetEnvironmentVariableW
SetComputerNameW
GetComputerNameW
GetTimeFormatA
CreateNamedPipeW
GetCurrencyFormatA
GetConsoleAliasExesW
EnumTimeFormatsW
TlsSetValue
GetEnvironmentStrings
SetFileShortNameW
GetLocaleInfoW
_hread
GetCalendarInfoW
SetVolumeMountPointA
GetFileAttributesA
CreateSemaphoreA
GetModuleFileNameW
CreateActCtxA
GetShortPathNameA
CreateJobObjectA
VerifyVersionInfoW
InterlockedExchange
ClearCommError
GetLastError
GetCurrentDirectoryW
GetProcAddress
EnumSystemCodePagesW
DefineDosDeviceA
FindClose
LoadLibraryA
InterlockedExchangeAdd
LocalAlloc
CreateHardLinkW
GetNumberFormatW
GetCommMask
FoldStringW
SetEnvironmentVariableA
EnumDateFormatsA
GlobalUnWire
OpenEventW
GetShortPathNameW
GetDiskFreeSpaceExA
GetVersionExA
ReadConsoleInputW
GetTempPathA
LocalFree
SetFileAttributesW
LCMapStringW
CreateProcessW
CommConfigDialogA
GetLogicalDriveStringsA
GlobalCompact
UnhandledExceptionFilter
SetUnhandledExceptionFilter
MultiByteToWideChar
HeapFree
HeapReAlloc
HeapAlloc
GetStartupInfoW
RaiseException
RtlUnwind
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapSize
SetFilePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
LCMapStringA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ReadFile
GetModuleHandleA
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle

gdi32

CreateDCA
GetCharWidth32A
GetCharWidthI

Sections

.text
Size: 472KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nulihi
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pisosac
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8250be4329d3243c57b4a0ef0e0e955

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 472KB - Virtual size: 472KB

.data Size: 24KB - Virtual size: 70KB

.nulihi Size: 1024B - Virtual size: 1024B

.pisosac Size: 512B - Virtual size: 214B

.rsrc Size: 97KB - Virtual size: 96KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 472KB - Virtual size: 472KB

.data
Size: 24KB - Virtual size: 70KB

.nulihi
Size: 1024B - Virtual size: 1024B

.pisosac
Size: 512B - Virtual size: 214B

.rsrc
Size: 97KB - Virtual size: 96KB

.reloc
Size: 8KB - Virtual size: 7KB