8efeba3bfa893de77d32a5f1ac3cd553b3ccdf7c934ba3258301e119d36958fd

Sharing

Copy URL

Twitter E-mail

General

Target

8efeba3bfa893de77d32a5f1ac3cd553b3ccdf7c934ba3258301e119d36958fd
Size

258KB
MD5

d4d51eb5be95ee637bff2fbf62e89dde
SHA1

56d20969973058be6f96416e137ac030b65b95d0
SHA256

8efeba3bfa893de77d32a5f1ac3cd553b3ccdf7c934ba3258301e119d36958fd
SHA512

35e2931c8c2daf0e57978298c08c389cefd12453dd758a0fe81acafe34adc849ee73cdee85b225f067a1c1f1c8315a39a1d4146d4e3ffbcf0b8e7b62bcd46e03
SSDEEP

3072:aa3IM8edbAuESk4pFUyDDSi+/KTk5taJ/Qa1BDfTdTamaIOngi4mM85qQpaN:aarbAus4YRXSTEtaea1Fkmdgg7I8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8efeba3bfa893de77d32a5f1ac3cd553b3ccdf7c934ba3258301e119d36958fd

Files

8efeba3bfa893de77d32a5f1ac3cd553b3ccdf7c934ba3258301e119d36958fd
.exe windows:5 windows x86 arch:x86

7481fe2e387ed47f925846d3818aaeca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\kerocedozafavu93 coyaguvoji\tetito-hec\hic.pdb

Imports

kernel32

GetLocaleInfoA
DebugActiveProcessStop
lstrcpynA
InterlockedIncrement
InterlockedDecrement
GetCurrentProcess
GetSystemWindowsDirectoryW
GetEnvironmentStringsW
GetUserDefaultLCID
GetSystemDefaultLCID
ReadConsoleW
GetLocaleInfoW
LeaveCriticalSection
GetModuleFileNameW
GetACP
SetConsoleTitleA
GetConsoleOutputCP
VerifyVersionInfoW
GetProcAddress
EnterCriticalSection
ResetEvent
GetAtomNameA
WriteConsoleA
LocalAlloc
SetSystemTime
GetModuleHandleA
Module32Next
GetCurrentProcessId
AddConsoleAliasA
GetCommandLineW
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
HeapAlloc
Sleep
HeapSize
ExitProcess
RtlUnwind
HeapFree
SetFilePointer
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetCPInfo
GetOEMCP
IsValidCodePage
RaiseException
VirtualAlloc
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
CloseHandle
CreateFileA
SetStdHandle
FlushFileBuffers
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile
GetProcessHeap
ReadFile

Exports

Exports

@GetAnotherVice@12

Sections

.text
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 29.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7481fe2e387ed47f925846d3818aaeca

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 202KB - Virtual size: 202KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 9KB - Virtual size: 29.1MB

.rsrc Size: 30KB - Virtual size: 29KB

.text
Size: 202KB - Virtual size: 202KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 9KB - Virtual size: 29.1MB

.rsrc
Size: 30KB - Virtual size: 29KB