181e8664648303addb9d39f70bb840dce02cef4e4f1cffefa4b88b2663e8f8c9

Sharing

Copy URL

Twitter E-mail

General

Target

181e8664648303addb9d39f70bb840dce02cef4e4f1cffefa4b88b2663e8f8c9
Size

114KB
MD5

c07814b7c639d7f00eb2c91d172619b2
SHA1

e17d0bd279bfe63d9db2a080a2c1e785513ea24e
SHA256

181e8664648303addb9d39f70bb840dce02cef4e4f1cffefa4b88b2663e8f8c9
SHA512

472a54344a4992acf7c904f0e64f94f1b59b2f82d94f255bd924517885921d0551e6db2c897569d533f9cf12b2c6ef0d589e928fa45727802bca40f638452581
SSDEEP

3072:EmaLTs2pH+a7+kI1NDnpo+FQcLAaTBuBH39XlQVLL:XNEKnpNFQcZVuJxuJL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/725a938bfffc258f26a2ede43286fc8603c8c98a7ea4a3f30daa44babe88dc4d.exe

Files

181e8664648303addb9d39f70bb840dce02cef4e4f1cffefa4b88b2663e8f8c9
.zip

Password: infected
725a938bfffc258f26a2ede43286fc8603c8c98a7ea4a3f30daa44babe88dc4d.exe
.exe windows:5 windows x86 arch:x86

81cb68cc20ee69ac5f93f68a2f825c6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\zeyezepahuj\wohirewuyud\posovew36 zezuyup rib.pdb

Imports

kernel32

LoadLibraryW
GetVolumeInformationA
EnumSystemCodePagesA
LocalFree
FindNextFileW
TlsGetValue
CopyFileExA
MoveFileWithProgressA
SetVolumeLabelA
GetFirmwareEnvironmentVariableA
VerifyVersionInfoW
QueryDosDeviceW
EnumCalendarInfoExW
LocalFlags
VirtualProtect
SetFirmwareEnvironmentVariableW
CreateFileA
MapViewOfFile
GetWindowsDirectoryW
GetModuleHandleA
VirtualAlloc
IsBadReadPtr
CreateMemoryResourceNotification
WriteConsoleInputW
FindNextVolumeMountPointW
OpenWaitableTimerW
LocalReAlloc
FindResourceA
SearchPathA
RequestWakeupLatency
CallNamedPipeA
GetProcAddress
LoadLibraryA
GlobalAlloc
SetFileTime
GetConsoleAliasesLengthW
GetVolumeNameForVolumeMountPointA
SetCalendarInfoA
GetModuleHandleW
TerminateThread
GetSystemWindowsDirectoryW
MoveFileA
ResetWriteWatch
GetMailslotInfo
SetThreadUILanguage
GetDiskFreeSpaceExA
SetVolumeMountPointA
GetOEMCP
SetProcessAffinityMask
GlobalFindAtomW
MoveFileWithProgressW
InterlockedIncrement
InterlockedExchangeAdd
CancelTimerQueueTimer
ZombifyActCtx
InitializeCriticalSection
FindNextVolumeW
LeaveCriticalSection
GetDevicePowerState
InterlockedExchange
SetConsoleTitleA
GetPrivateProfileStructW
InterlockedCompareExchange
GetConsoleAliasExesLengthA
EnumCalendarInfoW
InterlockedDecrement
GetEnvironmentStringsW
GetTickCount
SetLastError
AddAtomA
Sleep
DeleteCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetLastError
DeleteFileA
GetStartupInfoW
HeapFree
HeapAlloc
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
GetCPInfo
GetACP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
InitializeCriticalSectionAndSpinCount
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
FlushFileBuffers
ReadFile
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CloseHandle

user32

GetAltTabInfoW

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

81cb68cc20ee69ac5f93f68a2f825c6d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 81KB - Virtual size: 80KB

.data Size: 70KB - Virtual size: 1.4MB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 81KB - Virtual size: 80KB

.data
Size: 70KB - Virtual size: 1.4MB

.rsrc
Size: 22KB - Virtual size: 21KB