482162548f28d0ae3a695a27788b621510ea7375e2122383b7519358c20595bf

Resubmissions

13-01-2025 05:30

250113-f69b5s1jcj 10

12-01-2025 19:19

250112-x1nlxsvqby 10

Sharing

Copy URL

Twitter E-mail

General

Target

482162548f28d0ae3a695a27788b621510ea7375e2122383b7519358c20595bf
Size

1.3MB
MD5

d81f3f0e2284bb7751e6004c3835064a
SHA1

6afb6f15517b3d9b40a9fcf63943781dc7f89513
SHA256

482162548f28d0ae3a695a27788b621510ea7375e2122383b7519358c20595bf
SHA512

a7879b605654090c3e1bdac4e2c18ff098d0707cd056e05f5d9ab86aa1a8e309cc5f118f7e815787d4c701f87241fcf1a2eac37d90f99de234d9fd502a6926c5
SSDEEP

24576:3HtCx/lHI38bG/CogIvZD309jESvNoZh9JQVr8+VHjUhOGrgLWGiFSHz:sc8bG/Coo9jESIeV/jUqcFe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
482162548f28d0ae3a695a27788b621510ea7375e2122383b7519358c20595bf

Files

482162548f28d0ae3a695a27788b621510ea7375e2122383b7519358c20595bf
.exe windows:5 windows x86 arch:x86

0ca800e5917b37d4675d52303cb1287e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\walabotamoloz-jebacunimoxoy\habolururuci\hewipumo.pdb

Imports

kernel32

GetFileSize
GlobalDeleteAtom
SetFilePointer
lstrlenA
TlsGetValue
SetLocalTime
CommConfigDialogA
FreeLibrary
InterlockedIncrement
InterlockedDecrement
SetFirmwareEnvironmentVariableA
GetSystemWindowsDirectoryW
CreateDirectoryW
GetComputerNameW
CreateDirectoryExA
SetTapeParameters
GetProcessPriorityBoost
GetTickCount
GetConsoleAliasesLengthA
GetPrivateProfileStringW
GetConsoleAliasExesW
WriteFile
FindActCtxSectionStringA
EnumTimeFormatsW
ActivateActCtx
GlobalAlloc
GetSystemDirectoryW
LoadLibraryW
GetConsoleMode
SetCommConfig
_hread
GetSystemWow64DirectoryW
SetSystemTimeAdjustment
GetVersionExW
GlobalFlags
ReadFile
GetBinaryTypeW
GetOverlappedResult
CompareStringW
ExitThread
SetConsoleTitleA
GlobalUnlock
DeactivateActCtx
GetNamedPipeHandleStateW
VerifyVersionInfoW
ReleaseActCtx
GetStartupInfoA
GetCPInfoExW
GetCurrentDirectoryW
ReadConsoleOutputCharacterA
GetProcAddress
GetProcessHeaps
GetComputerNameExW
CreateNamedPipeA
SetStdHandle
FreeUserPhysicalPages
SetComputerNameA
VerLanguageNameW
GetAtomNameA
LoadLibraryA
Process32FirstW
CreateSemaphoreW
SetCalendarInfoW
SetConsoleCtrlHandler
SetCurrentDirectoryW
WriteProfileSectionW
VirtualLock
SetConsoleWindowInfo
FindAtomA
WriteProfileStringA
QueryMemoryResourceNotification
FreeEnvironmentStringsW
VirtualProtect
GetFileAttributesExW
GetCPInfoExA
SetProcessShutdownParameters
_lopen
TlsAlloc
GetWindowsDirectoryW
GetVolumeNameForVolumeMountPointW
GetCurrentProcessId
GetProfileSectionW
LCMapStringW
CopyFileExA
DeleteFileA
FlushFileBuffers
GetLastError
WideCharToMultiByte
GetStartupInfoW
HeapValidate
IsBadReadPtr
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
GetModuleHandleW
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetSystemTimeAsFileTime
Sleep
ExitProcess
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
RtlUnwind
MultiByteToWideChar
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
WriteConsoleA
GetConsoleOutputCP
CreateFileA
CloseHandle

user32

GetMenuInfo
GetListBoxInfo

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 986KB - Virtual size: 986KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

0ca800e5917b37d4675d52303cb1287e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 136KB - Virtual size: 160KB

.rsrc Size: 52KB - Virtual size: 52KB

.reloc Size: 14KB - Virtual size: 13KB

.data Size: 986KB - Virtual size: 986KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 136KB - Virtual size: 160KB

.rsrc
Size: 52KB - Virtual size: 52KB

.reloc
Size: 14KB - Virtual size: 13KB

.data
Size: 986KB - Virtual size: 986KB