849e35dd91309b3a37c79d7f15a662953e30d066ff0af70f2933835bc2e0ea2f

Sharing

Copy URL

Twitter E-mail

General

Target

849e35dd91309b3a37c79d7f15a662953e30d066ff0af70f2933835bc2e0ea2f
Size

2.2MB
MD5

14bf411591fa40cec816d503b48129d9
SHA1

7d5811ef03d5f5dfe90748262f4c418839718fec
SHA256

849e35dd91309b3a37c79d7f15a662953e30d066ff0af70f2933835bc2e0ea2f
SHA512

c1604bd3b6eb6379f85197c4fd2f42dea0208f46ddf5b97f550baf13365b410266b5043e93dc409135f0c8a69e85d968a835656c09811de3c1c709c139460a84
SSDEEP

24576:t7PpqzgOiPMoi2BkTIWHusHnrdCW/4J8jDsI4s9+cfw+GeKTZlGSSBXGZbVesnkv:dpqzgwIoCnkxkV2aPY2a17oppy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
849e35dd91309b3a37c79d7f15a662953e30d066ff0af70f2933835bc2e0ea2f

Files

849e35dd91309b3a37c79d7f15a662953e30d066ff0af70f2933835bc2e0ea2f
.exe windows:4 windows x86 arch:x86

06ee8d1da39d05d726a1e5cfbab7b1ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
GetEnvironmentVariableA
GetThreadLocale
LoadLibraryA
FormatMessageA
LocalFree
QueryPerformanceFrequency
QueryPerformanceCounter
TlsAlloc
GetCurrentThreadId
TlsGetValue
TlsSetValue
TlsFree
GetComputerNameA
GetModuleHandleExA
GetModuleFileNameA
LoadLibraryExA
FormatMessageW
WideCharToMultiByte
FreeLibrary
GetLastError
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
WaitForSingleObject
ResetEvent
SetEvent
InitializeCriticalSection
CreateEventA
SetThreadPriority
TerminateThread
CreateThread
DuplicateHandle
GetExitCodeThread
SleepEx
VirtualQuery
GetSystemDirectoryA
GetProcAddress
GetSystemInfo
AllocConsole
GetStdHandle
WriteFile
SetEnvironmentVariableA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetModuleHandleA
ExitProcess
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapReAlloc
GetCurrentProcessId
SetConsoleCtrlHandler
RtlUnwind
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InterlockedIncrement
SetLastError
InterlockedDecrement
GetTimeZoneInformation
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
CreateFileA
MultiByteToWideChar
ReadFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoA
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

06ee8d1da39d05d726a1e5cfbab7b1ec

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 148KB - Virtual size: 144KB

.data Size: 24KB - Virtual size: 60KB

.trace Size: 88KB - Virtual size: 88KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 148KB - Virtual size: 144KB

.data
Size: 24KB - Virtual size: 60KB

.trace
Size: 88KB - Virtual size: 88KB