600d12c5f280a0099768da6eb1d848c38b034a5dd2a9c552cd48468010250406N

Sharing

Copy URL

Twitter E-mail

General

Target

600d12c5f280a0099768da6eb1d848c38b034a5dd2a9c552cd48468010250406N
Size

235KB
MD5

f5c1aae46b6a8b195cf1b47e2b8e1130
SHA1

3b076f628c5f7ad7cf46b62e36b3848cfe360739
SHA256

600d12c5f280a0099768da6eb1d848c38b034a5dd2a9c552cd48468010250406
SHA512

dc8842247eed26846c9fd1c85b2780f10e1787ecfc5376ce849aec54f3785fa8bb7e35c34dae3b9cb498d02ea3bbeb7779bf9bdf1f78a8e32313b75e8874d159
SSDEEP

1536:mVeFjCBnCaz6rE1cY9fXwZk9wHpbwv/w8gAHivc5JOSKjZMSv+O3l0idAQ/n7Wt9:HjAJXopwv/rzHivc51HWrMjRSqWttc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
600d12c5f280a0099768da6eb1d848c38b034a5dd2a9c552cd48468010250406N

Files

600d12c5f280a0099768da6eb1d848c38b034a5dd2a9c552cd48468010250406N
.exe windows:5 windows x86 arch:x86

09ed4c441fb80af7d8ad132c52e30ab4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugActiveProcess
GetNumaProcessorNode
MoveFileExA
GetConsoleAliasExesLengthA
CallNamedPipeA
InterlockedDecrement
GetLogicalDriveStringsW
GlobalSize
SetDefaultCommConfigW
GlobalLock
GetModuleHandleW
GetTickCount
GlobalAlloc
GetConsoleMode
GetLocaleInfoW
GetSystemWow64DirectoryW
GetProcessHandleCount
HeapCreate
GetTimeFormatW
GetConsoleAliasW
SetConsoleCursorPosition
GetFileAttributesW
GetModuleFileNameW
GetACP
GetStartupInfoW
GetStringTypeExA
GetStdHandle
ReadConsoleOutputCharacterA
GetProcAddress
VirtualAlloc
MoveFileW
LoadLibraryA
InterlockedExchangeAdd
OpenWaitableTimerW
SetCommMask
FindAtomA
SetNamedPipeHandleState
OpenFileMappingW
FreeEnvironmentStringsW
BuildCommDCBA
PurgeComm
LocalFileTimeToFileTime
CloseHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
MultiByteToWideChar
HeapAlloc
GetLastError
HeapReAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
Sleep
ExitProcess
WriteFile
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetFilePointer
GetConsoleCP
FlushFileBuffers
SetStdHandle
CreateFileA

ole32

CoTaskMemRealloc

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 39.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09ed4c441fb80af7d8ad132c52e30ab4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 18KB - Virtual size: 39.0MB

.rsrc Size: 91KB - Virtual size: 91KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 18KB - Virtual size: 39.0MB

.rsrc
Size: 91KB - Virtual size: 91KB