dc6ab2d39b66aeb2292fd6d29bd6196182a9e6912c9fd87df2c9727b2e513667

Sharing

Copy URL

Twitter E-mail

General

Target

dc6ab2d39b66aeb2292fd6d29bd6196182a9e6912c9fd87df2c9727b2e513667
Size

365KB
MD5

d36fc7cc5e39090c25293cfcb7f6a169
SHA1

828b607017225dbe91483b98d7640ebb106fc7b8
SHA256

dc6ab2d39b66aeb2292fd6d29bd6196182a9e6912c9fd87df2c9727b2e513667
SHA512

a241c0aab4b4869fc62f16d97e4728ba9c94f9e292763b19b4af4be870bdc8148c853f6f48c20397e8974f7de902124a9bf36a942050cc4fbc29b0d3826177f0
SSDEEP

6144:Hdj5zKWOSW3i+g+FKfuFFPQqfcIeWYPufjI/XGE+OSCkQHoPbB8so:HjKWNh+g+FhRQqWWA+ekQIP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
dc6ab2d39b66aeb2292fd6d29bd6196182a9e6912c9fd87df2c9727b2e513667

Files

dc6ab2d39b66aeb2292fd6d29bd6196182a9e6912c9fd87df2c9727b2e513667
.exe windows:5 windows x86 arch:x86

3944abc45db6fde5aef61e579409b3ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\mafupanu-cutifeg-zilosedujosalo-xaroditiz cuhi36\zuh.pdb

Imports

kernel32

LoadLibraryA
OpenMutexW
SetLocaleInfoA
FindNextVolumeW
GetNamedPipeHandleStateA
FileTimeToLocalFileTime
EnumResourceTypesW
EnumResourceNamesA
FillConsoleOutputCharacterA
CreateTimerQueueTimer
TerminateProcess
SetLastError
SetEvent
FindNextFileW
GetCompressedFileSizeA
CopyFileExW
BuildCommDCBA
VerifyVersionInfoW
FreeResource
GetVersionExA
ReadConsoleOutputCharacterW
SetDefaultCommConfigW
VerLanguageNameW
GetCommConfig
WritePrivateProfileStructA
LocalFree
DeleteTimerQueueTimer
FindNextVolumeMountPointA
GetWriteWatch
WriteConsoleInputW
LoadResource
AddAtomW
GlobalDeleteAtom
GetThreadPriority
CallNamedPipeW
GetDriveTypeW
BuildCommDCBAndTimeoutsW
GetProcAddress
GlobalAlloc
GetVersionExW
GlobalFix
FindFirstChangeNotificationW
VerifyVersionInfoA
SearchPathW
FormatMessageW
GetModuleHandleW
WritePrivateProfileStringW
GetUserDefaultLCID
TerminateThread
SetDllDirectoryW
SetConsoleWindowInfo
InterlockedDecrement
GetStartupInfoA
GetSystemWow64DirectoryW
CopyFileA
GetPrivateProfileIntA
SetCalendarInfoW
DebugBreak
SetConsoleCursorInfo
FreeLibraryAndExitThread
GetModuleFileNameA
SetConsoleScreenBufferSize
WaitForDebugEvent
InterlockedExchangeAdd
GetOEMCP
GetPrivateProfileStringW
CreateActCtxA
ReadConsoleInputW
OutputDebugStringW
PulseEvent
SetThreadAffinityMask
FlushConsoleInputBuffer
lstrlenA
LoadLibraryW
WriteConsoleW
GetThreadContext
FreeEnvironmentStringsA
TryEnterCriticalSection
QueryDepthSList
DeleteFiber
SetProcessPriorityBoost
LockFile
FreeEnvironmentStringsW
GetConsoleCP
CreateIoCompletionPort
FreeConsole
GlobalGetAtomNameW
SetComputerNameA
GetConsoleAliasExesLengthA
CreateMailslotW
GetCommState
MoveFileWithProgressA
GetSystemTimeAdjustment
EnumSystemLocalesW
OpenMutexA
GetLastError
WriteProfileStringA
OpenWaitableTimerW
OpenFileMappingW
GetConsoleAliasesLengthW
SetProcessShutdownParameters
FillConsoleOutputCharacterW
WriteConsoleOutputCharacterW
BuildCommDCBAndTimeoutsA
GetConsoleAliasExesA
GetDateFormatW
Sleep
InterlockedIncrement
ExitProcess
MoveFileA
DeleteFileA
RaiseException
GetStartupInfoW
HeapValidate
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
WriteFile
GetStdHandle
GetACP
GetCPInfo
IsValidCodePage
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
RtlUnwind
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA
CloseHandle
FlushFileBuffers

user32

CharUpperW

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 182KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3944abc45db6fde5aef61e579409b3ad

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 147KB - Virtual size: 147KB

.data Size: 182KB - Virtual size: 345KB

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 147KB - Virtual size: 147KB

.data
Size: 182KB - Virtual size: 345KB

.rsrc
Size: 34KB - Virtual size: 34KB