b7536335a0cd380f8b01a8f4bec6734314a0fc3e275e2f4d031dcfe988d7d3ea

Sharing

Copy URL

Twitter E-mail

General

Target

b7536335a0cd380f8b01a8f4bec6734314a0fc3e275e2f4d031dcfe988d7d3ea
Size

256KB
MD5

048b3419fbc44454cf100d6281f42007
SHA1

be207c1184babb017d35cddd6b00c72d9ac34840
SHA256

b7536335a0cd380f8b01a8f4bec6734314a0fc3e275e2f4d031dcfe988d7d3ea
SHA512

f185f53c55fa485d745610dd20d07c96da46ae7a4bbf7f3a1e179d91e85b3da6e08135aed0c5eead513040e690580ec99ae559ec24c6066a0000265f16c75f49
SSDEEP

6144:DGzaF0SWUvYex8ESWqxrE2N4jDWbNZc0Pt/ZwlBgJpqh:UaFxYe8Zr/NgDuNiot/ZGBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7536335a0cd380f8b01a8f4bec6734314a0fc3e275e2f4d031dcfe988d7d3ea

Files

b7536335a0cd380f8b01a8f4bec6734314a0fc3e275e2f4d031dcfe988d7d3ea
.exe windows:5 windows x86 arch:x86

fbea55ea67e34b8ef644a189793ea323

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\pageli55 do.pdb

Imports

kernel32

GetLocaleInfoA
SetLocalTime
DebugActiveProcessStop
lstrcpynA
InterlockedIncrement
ReadConsoleA
InterlockedDecrement
GetCurrentProcess
GetSystemWindowsDirectoryW
GetEnvironmentStringsW
GetUserDefaultLCID
SetEvent
GetLocaleInfoW
LeaveCriticalSection
VerifyVersionInfoA
SetConsoleTitleA
GetProcAddress
PeekConsoleInputW
EnterCriticalSection
GetAtomNameA
WriteConsoleA
LocalAlloc
SetConsoleOutputCP
GetModuleFileNameA
GetOEMCP
GetModuleHandleA
GetCPInfoExA
Module32Next
GetCurrentProcessId
AddConsoleAliasA
GetCommandLineW
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
HeapAlloc
Sleep
HeapSize
ExitProcess
RtlUnwind
HeapFree
SetFilePointer
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
IsValidCodePage
RaiseException
VirtualAlloc
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
CloseHandle
CreateFileA
SetStdHandle
FlushFileBuffers
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile
GetProcessHeap
ReadFile

Exports

Exports

@GetAnotherVice@12

Sections

.text
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 29.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbea55ea67e34b8ef644a189793ea323

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 201KB - Virtual size: 200KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 9KB - Virtual size: 29.1MB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 201KB - Virtual size: 200KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 9KB - Virtual size: 29.1MB

.rsrc
Size: 29KB - Virtual size: 28KB