f16157caae526b975c28c070390048736ea8740ca5e30ffaecdbb3bdd3029bf2

General

Target

f16157caae526b975c28c070390048736ea8740ca5e30ffaecdbb3bdd3029bf2
Size

2.7MB
MD5

37002c6463467c13b0cf5c56ddad2dc9
SHA1

e6c8ff8680fea03227f48e1998dd7a538e1bc9b8
SHA256

f16157caae526b975c28c070390048736ea8740ca5e30ffaecdbb3bdd3029bf2
SHA512

61313a46be51f3b8068f6c89ee9abeb8b38c5fcbaae7f6cc78766132b580a89fa552cd41f47e4bedb92916fc7bf94ec9ea567e0f9d7eb1bb36ca37bb1c8e4b99
SSDEEP

49152:hX7hxYlnbSmfuUBfLdP5Ol4lEPxffsCXqVxfmnbG3N:hX7hxYlumG8LdP5Ol4q5fLqr+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f16157caae526b975c28c070390048736ea8740ca5e30ffaecdbb3bdd3029bf2

Files

f16157caae526b975c28c070390048736ea8740ca5e30ffaecdbb3bdd3029bf2
.exe windows x86

da7176045a8832ffc1e59054f4df01b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetStdHandle
SetStdHandle
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
GetFileType
SetFilePointerEx
WriteFile
IsDebuggerPresent
DecodePointer
RaiseException
UnhandledExceptionFilter
GetLastError
SetLastError
QueryPerformanceCounter
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitializeSListHead
GetCurrentProcessId
ExitProcess
TerminateProcess
ExitThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetSystemTimeAsFileTime
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadLibraryA
LoadLibraryW
GlobalAlloc
GlobalFlags
MultiByteToWideChar
WideCharToMultiByte
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LCMapStringW
GetConsoleOutputCP
WriteConsoleW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da7176045a8832ffc1e59054f4df01b2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 388B

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 1024B - Virtual size: 628B

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 388B

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 1024B - Virtual size: 628B