46a86b4cdcd164f7f77ef5e8fa48bcc49cbbb50c1f31b52aeb8b96b305c174f5

Sharing

Copy URL

Twitter E-mail

General

Target

46a86b4cdcd164f7f77ef5e8fa48bcc49cbbb50c1f31b52aeb8b96b305c174f5
Size

366KB
MD5

2bb6ebf08f3bfadd35fe65cf35bf6a7d
SHA1

40c8a2dd6788f29d687ef4393cf0e69501069dfe
SHA256

46a86b4cdcd164f7f77ef5e8fa48bcc49cbbb50c1f31b52aeb8b96b305c174f5
SHA512

9a232ced6c9d42fcf4442f74a59232b1b113b510320d3b9478a7b8daa117ca8a3cf78abfc0d7c1c74c07888784b6985eed4dc47b5689f0a74a417a3f024a83d5
SSDEEP

6144:G7ALz3wLQdNZA5NIUcmmKd6Z+p/0ZQEoRw+xDAlS10/o8yT:G7A3wLQdNZcqm2Z+2oak0Ap

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46a86b4cdcd164f7f77ef5e8fa48bcc49cbbb50c1f31b52aeb8b96b305c174f5

Files

46a86b4cdcd164f7f77ef5e8fa48bcc49cbbb50c1f31b52aeb8b96b305c174f5
.exe windows:5 windows x86 arch:x86

f7e6d9b41ccc550848e53e1a03861e4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeA
CreateProcessW
ClearCommError
OpenJobObjectA
InterlockedDecrement
GetCurrentProcess
InterlockedCompareExchange
WriteConsoleInputA
GetComputerNameW
FreeEnvironmentStringsA
GetCommConfig
GetDllDirectoryW
GetCurrencyFormatA
GetConsoleAliasExesW
EnumTimeFormatsA
EnumTimeFormatsW
LoadLibraryW
ReadConsoleInputA
GetFileAttributesA
GetTimeFormatW
GetModuleFileNameW
LCMapStringA
TlsGetValue
GetLastError
GetCurrentDirectoryW
SetLastError
GetProcAddress
VirtualAlloc
SetFileAttributesA
DefineDosDeviceA
GetTempFileNameA
LoadLibraryA
InterlockedExchangeAdd
OpenEventA
OpenJobObjectW
SetEnvironmentVariableA
GlobalWire
GetModuleFileNameA
GetShortPathNameW
SetFileShortNameA
GetVersionExA
GetLogicalDriveStringsA
GlobalFix
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
HeapAlloc
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
Sleep
ExitProcess
GetStdHandle
HeapFree
CloseHandle
TerminateProcess
IsDebuggerPresent
RaiseException
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
SetFilePointer
SetStdHandle
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
CreateFileA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize

user32

GetKeyboardLayoutNameA

advapi32

BackupEventLogW

Sections

.text
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.subac
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vohusi
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jafaf
Size: 1024B - Virtual size: 923B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kevo
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7e6d9b41ccc550848e53e1a03861e4a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 287KB - Virtual size: 287KB

.data Size: 24KB - Virtual size: 42KB

.subac Size: 1024B - Virtual size: 1024B

.vohusi Size: 512B - Virtual size: 214B

.jafaf Size: 1024B - Virtual size: 923B

.kevo Size: 1024B - Virtual size: 1024B

.rsrc Size: 50KB - Virtual size: 49KB

.text
Size: 287KB - Virtual size: 287KB

.data
Size: 24KB - Virtual size: 42KB

.subac
Size: 1024B - Virtual size: 1024B

.vohusi
Size: 512B - Virtual size: 214B

.jafaf
Size: 1024B - Virtual size: 923B

.kevo
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 50KB - Virtual size: 49KB