67042e2eb5307d927d17c8c7b10d4ca2ad1dbac25d7f46a128ac660f40fbfed6

Sharing

Copy URL

Twitter E-mail

General

Target

67042e2eb5307d927d17c8c7b10d4ca2ad1dbac25d7f46a128ac660f40fbfed6
Size

226KB
MD5

0b4a45c497943ed6364f93b216d2e673
SHA1

24547e9d38e6ecfd6bdaeab7e2c06a925463b24d
SHA256

67042e2eb5307d927d17c8c7b10d4ca2ad1dbac25d7f46a128ac660f40fbfed6
SHA512

2541579d41a3c7debcb45ce4ff69f898ba2395a05b3b05b2610ebc290c0b06263670633cfdab015a61d81d3b1e7048fab52e7cbaf690a742b955f3f4b165f32f
SSDEEP

3072:52c4fTolkkp4C2kTQ693rm5dkrMURSqWttc:ocJkkS+Q7LUUB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67042e2eb5307d927d17c8c7b10d4ca2ad1dbac25d7f46a128ac660f40fbfed6

Files

67042e2eb5307d927d17c8c7b10d4ca2ad1dbac25d7f46a128ac660f40fbfed6
.exe windows:5 windows x86 arch:x86

a25409c825daace358ff58c6934806fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugActiveProcess
SetVolumeLabelA
GetNumaProcessorNode
MoveFileExA
GetConsoleAliasExesLengthA
CallNamedPipeA
InterlockedDecrement
GetLogicalDriveStringsW
GlobalSize
SetDefaultCommConfigW
GlobalLock
GetModuleHandleW
GetTickCount
FormatMessageA
GlobalAlloc
GetConsoleMode
GetLocaleInfoW
GetSystemWow64DirectoryW
GetProcessHandleCount
HeapCreate
GetTimeFormatW
GetConsoleAliasW
SetConsoleCursorPosition
GetFileAttributesW
GetModuleFileNameW
GetACP
GetStartupInfoW
GetStringTypeExA
GetStdHandle
ReadConsoleOutputCharacterA
GetProcAddress
MoveFileW
VirtualAllocEx
LoadLibraryA
InterlockedExchangeAdd
OpenWaitableTimerW
SetCommMask
FindAtomA
SetNamedPipeHandleState
OpenFileMappingW
FreeEnvironmentStringsW
BuildCommDCBA
PurgeComm
GetVersionExA
LocalFileTimeToFileTime
CloseHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
MultiByteToWideChar
HeapAlloc
GetLastError
HeapReAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetFilePointer
GetConsoleCP
FlushFileBuffers
SetStdHandle
CreateFileA

ole32

CoTaskMemAlloc

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 39.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a25409c825daace358ff58c6934806fc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 18KB - Virtual size: 39.0MB

.rsrc Size: 91KB - Virtual size: 90KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 18KB - Virtual size: 39.0MB

.rsrc
Size: 91KB - Virtual size: 90KB