71d9e1a060b59e293a2e098444b63221

Sharing

Copy URL

Twitter E-mail

General

Target

71d9e1a060b59e293a2e098444b63221
Size

294KB
MD5

71d9e1a060b59e293a2e098444b63221
SHA1

5fde17a9e0b83c7e994bfa433eabd821f7589528
SHA256

989079c4efa222424d97d1e0e763defcdba4c0e83aaf06cbe31b71f7e38afb71
SHA512

11fa8b09b2cb68d48d9d54d592a4a60d86801df173ab5eafc0b1f28c26efb6c3b4b5257188d98ce1a758d25bb8645a0909ffe13fc86c2cd529d2710cd32200a6
SSDEEP

6144:iWgfoGFED9pK4gzrAOcWKEXdklSzMkfn5:iZfoGFEmqWKEXSDQn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d9e1a060b59e293a2e098444b63221

Files

71d9e1a060b59e293a2e098444b63221
.exe windows:6 windows x86 arch:x86

763cdaefcf7886ce360ad2931861cb7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
TlsAlloc
GetCurrentProcess
TerminateProcess
GetStartupInfoW
GetCurrentProcessId

api-ms-win-core-console-l3-2-0

GetConsoleWindow

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-localization-l1-2-0

LCMapStringEx
EnumSystemLocalesW
IsValidLocale
GetACP
GetUserDefaultLCID
GetOEMCP
GetCPInfo
GetLocaleInfoW
IsValidCodePage
LCMapStringW

api-ms-win-core-synch-l1-1-0

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
GetStringTypeW
CompareStringW
MultiByteToWideChar

user32

GetForegroundWindow
ShowWindow
GetWindowThreadProcessId
PostMessageA

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetLastError
RaiseException
GetLastError
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameW
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
GetProcAddress
GetModuleHandleW

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwind

api-ms-win-core-processenvironment-l1-1-0

GetStdHandle
SetStdHandle
FreeEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
SetEnvironmentVariableW

api-ms-win-core-file-l1-1-0

FlushFileBuffers
CreateFileW
ReadFile
GetFileSizeEx
SetFilePointerEx
FindNextFileW
FindClose
GetFileType
FindFirstFileExW
WriteFile

api-ms-win-core-heap-l1-1-0

HeapReAlloc
GetProcessHeap
HeapFree
HeapAlloc
HeapSize

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-console-l1-1-0

WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
ReadConsoleW

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

763cdaefcf7886ce360ad2931861cb7f

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-console-l3-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-string-l1-1-0

user32

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-console-l1-1-0

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 55KB - Virtual size: 54KB

.data Size: 112KB - Virtual size: 115KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 112KB - Virtual size: 115KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 7KB - Virtual size: 6KB