9360f1b394216dde2d02525c02f8118ebc0a047a810838e848b01df5dffd6cfc

Sharing

Copy URL

Twitter E-mail

General

Target

9360f1b394216dde2d02525c02f8118ebc0a047a810838e848b01df5dffd6cfc
Size

421KB
MD5

1a0fe993e2a9709c41e3388a9ad284c1
SHA1

9c233e8cacca30e291184a4eff341d453648e42d
SHA256

9360f1b394216dde2d02525c02f8118ebc0a047a810838e848b01df5dffd6cfc
SHA512

fbcbad5aac33edc82cba79d806939af7c5ea3ad8c43b4333725e56fa160093d885e8ba61e55907d7c37205f11a6ea489ec4b4ff4d45321868c1f4f3f2e16179d
SSDEEP

6144:ROWzR3+a9XKBBheFmOU+BQ82QKTPr3ve1YTxk52iyJEFLrZZ:R3zEaBKBBheBUEQ8gTPLve1exkdyJcj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9360f1b394216dde2d02525c02f8118ebc0a047a810838e848b01df5dffd6cfc

Files

9360f1b394216dde2d02525c02f8118ebc0a047a810838e848b01df5dffd6cfc
.exe windows:5 windows x86 arch:x86

4eb02e1fe9496df33596532c6e671ce9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\ruladafo\yejahezujig85 lawokisuji\wid.pdb

Imports

kernel32

OpenFileMappingA
GetNumaProcessorNode
FindFirstVolumeW
ExitProcess
GetExitCodeProcess
ProcessIdToSessionId
GetVersionExW
VerifyVersionInfoW
GetPrivateProfileStringW
GetConsoleCP
TlsGetValue
SetConsoleMode
CopyFileExW
VerLanguageNameW
FindFirstChangeNotificationA
FreeEnvironmentStringsA
RequestWakeupLatency
SetVolumeMountPointA
SetCurrentDirectoryW
GetLongPathNameA
TlsSetValue
SetConsoleCursorInfo
GlobalHandle
TzSpecificLocalTimeToSystemTime
SetProcessShutdownParameters
CompareStringW
LocalLock
GetNamedPipeHandleStateW
BuildCommDCBAndTimeoutsA
GetProcAddress
GetModuleHandleA
LocalAlloc
Sleep
MoveFileExA
SetEnvironmentVariableW
InterlockedDecrement
InterlockedExchange
DeleteFileW
GetVolumePathNamesForVolumeNameA
GetPrivateProfileIntW
HeapValidate
GetProcessHeaps
CreateNamedPipeW
GetCPInfoExA
GetSystemWindowsDirectoryW
GetSystemWow64DirectoryA
SetLastError
GetCalendarInfoW
GetLastError
GetStringTypeA
DeleteVolumeMountPointA
GetThreadSelectorEntry
WaitForDebugEvent
WriteFileGather
GetTempPathW
GetDefaultCommConfigW
UnmapViewOfFile
GlobalUnWire
WritePrivateProfileSectionA
TerminateThread
WriteProfileStringW
lstrcatW
VirtualLock
InterlockedPopEntrySList
OutputDebugStringA
SetConsoleTitleA
DefineDosDeviceW
LoadLibraryW
WritePrivateProfileStringW
WaitNamedPipeA
InterlockedIncrement
TerminateProcess
GetHandleInformation
GetPrivateProfileStringA
GetComputerNameW
ResetEvent
GetThreadContext
MoveFileExW
GlobalLock
UnregisterWaitEx
BuildCommDCBA
PeekConsoleInputW
ReadConsoleOutputW
GetNumberFormatW
CreateSemaphoreA
EnumDateFormatsA
DuplicateHandle
GetStdHandle
GetPrivateProfileSectionNamesA
FindResourceExW
EnumTimeFormatsA
SetLocalTime
CreateSemaphoreW
FindNextFileA
FindFirstFileA
OutputDebugStringW
SetFileValidData
lstrcpyA
CreateHardLinkA
SetThreadExecutionState
SetSystemTime
LockFile
EnumCalendarInfoExA
SetConsoleCP
SetConsoleScreenBufferSize
SearchPathA
GetOverlappedResult
IsBadStringPtrW
GetAtomNameW
GetConsoleAliasExesLengthW
WriteConsoleInputA
LocalUnlock
EnumDateFormatsW
SetCommConfig
_lopen
EnumSystemLocalesW
GetCommState
SetEndOfFile
CreateTimerQueueTimer
ResetWriteWatch
UnhandledExceptionFilter
OpenSemaphoreW
GetConsoleScreenBufferInfo
CreateActCtxW
HeapSetInformation
GetSystemTimeAdjustment
GetComputerNameA
HeapFree
CommConfigDialogW
GetModuleFileNameA
OpenMutexW
GetBinaryTypeW
AllocateUserPhysicalPages
FindResourceW
AreFileApisANSI
DeleteTimerQueueTimer
EnumResourceNamesW
CreateTimerQueue
GetProcessHandleCount
UnregisterWait
IsBadWritePtr
GetCurrentProcessId
FatalAppExitA
GetFileAttributesA
lstrcpynW
GetNamedPipeHandleStateA
WriteConsoleOutputAttribute
GetCompressedFileSizeW
SetFileShortNameA
GetFullPathNameW
WriteProfileStringA
AddVectoredExceptionHandler
GlobalAddAtomA
EnumDateFormatsExW
QueryInformationJobObject
QueryDosDeviceA
LeaveCriticalSection
GetBinaryTypeA
SetCurrentDirectoryA
ReadFileEx
lstrlenW
EncodePointer
DecodePointer
MoveFileA
DeleteFileA
GetCommandLineW
GetStartupInfoW
IsProcessorFeaturePresent
IsBadReadPtr
GetModuleHandleW
EnterCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsFree
HeapCreate
WriteFile
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
RaiseException
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleMode
WriteConsoleW
LCMapStringW
MultiByteToWideChar
GetStringTypeW
FlushFileBuffers
SetStdHandle
CloseHandle
CreateFileW

Sections

.text
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 562KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4eb02e1fe9496df33596532c6e671ce9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 335KB - Virtual size: 334KB

.data Size: 55KB - Virtual size: 562KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 335KB - Virtual size: 334KB

.data
Size: 55KB - Virtual size: 562KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 15KB - Virtual size: 14KB