744ec52f480cb86b7e84fbbfe4b1880f57219dae5683b746f88d6ee4ba394751

Sharing

Copy URL

Twitter E-mail

General

Target

744ec52f480cb86b7e84fbbfe4b1880f57219dae5683b746f88d6ee4ba394751
Size

780KB
MD5

9bd737b220a4040dbcaf17f48be54a98
SHA1

9a64f521040e7250e8ae523cf2cc8f75753e4cf7
SHA256

744ec52f480cb86b7e84fbbfe4b1880f57219dae5683b746f88d6ee4ba394751
SHA512

135e292c99e65ad22b20d446130f4a96e1de896a642eb5cf262957ad5fe78f867cc980270d8e8b636615ecbf4f539f8330bf1664aea2a1c0005a441d0f838d68
SSDEEP

24576:cOrc1njeVCf3GFh6h8PXzUaoeu9Qdzw9pTG:Zc1jqC4JzUae9m2pG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

744ec52f480cb86b7e84fbbfe4b1880f57219dae5683b746f88d6ee4ba394751

resource
744ec52f480cb86b7e84fbbfe4b1880f57219dae5683b746f88d6ee4ba394751

Files

744ec52f480cb86b7e84fbbfe4b1880f57219dae5683b746f88d6ee4ba394751
.exe windows:5 windows x86 arch:x86

6f282544cf2ad0905a74ff9f4071eba0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
SetDefaultCommConfigW
GetModuleHandleW
GetProcessHeap
GetWindowsDirectoryA
WaitNamedPipeW
ActivateActCtx
GetConsoleCP
GetSystemPowerStatus
GetCalendarInfoA
lstrcpynW
GetFileAttributesW
lstrlenW
ReleaseSemaphore
GetProcAddress
AllocConsole
ResetEvent
LocalAlloc
HeapLock
HeapWalk
GetModuleFileNameA
GetOEMCP
GetModuleHandleA
CreateMutexA
GetPrivateProfileSectionA
VirtualProtect
SetFileShortNameA
DeleteFileW
FindActCtxSectionStringW
WriteProcessMemory
LCMapStringW
CommConfigDialogW
CreateFileW
WriteConsoleW
HeapUnlock
OutputDebugStringW
FlushFileBuffers
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
ReadFile
GetCommandLineA
RaiseException
RtlUnwind
HeapAlloc
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetStdHandle
GetFileType
CloseHandle
GetCurrentThreadId
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetACP
IsValidCodePage
HeapReAlloc
LoadLibraryExW
SetStdHandle

user32

GetCaretPos

advapi32

DeregisterEventSource

msimg32

TransparentBlt

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 8.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 579KB - Virtual size: 582KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f282544cf2ad0905a74ff9f4071eba0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msimg32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 22KB - Virtual size: 8.3MB

.text Size: 579KB - Virtual size: 582KB

.rsrc Size: 41KB - Virtual size: 40KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 22KB - Virtual size: 8.3MB

.text
Size: 579KB - Virtual size: 582KB

.rsrc
Size: 41KB - Virtual size: 40KB