09134a4d12e610d59961f6df5532630103ab687e33d16e38f035fe5e1d98097a

General

Target

09134a4d12e610d59961f6df5532630103ab687e33d16e38f035fe5e1d98097a
Size

140KB
MD5

31e53d38519e7c4c1f54be5de60a4dc3
SHA1

0ed7c7438b6aa3554dd99924bdd90f6a8d386ef3
SHA256

09134a4d12e610d59961f6df5532630103ab687e33d16e38f035fe5e1d98097a
SHA512

83f96d37c2131f4a21dee06a73feb4ec9737ce4cad0cb6cc8d98113512b1f5bc9758a741dcb5e8d95064f2b2b2dabab32dc6d0814bdb1f435f5b53418b381908
SSDEEP

768:KxwfQvnRQuoP7Q2585l6o+cgRgfZe2lYfy9UKitTQZSHViGSMjJT3njDM5U2:K+unRGNoso+vRgfwTfM22GtT3njQ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09134a4d12e610d59961f6df5532630103ab687e33d16e38f035fe5e1d98097a

Files

09134a4d12e610d59961f6df5532630103ab687e33d16e38f035fe5e1d98097a
.exe windows x86

c53c3e538b4061e3d06e74275492fbfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleFileNameA
lstrcmpiA
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
lstrlenA
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
VirtualAlloc
HeapAlloc
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW

user32

CharNextA

advapi32

RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c53c3e538b4061e3d06e74275492fbfb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 104KB - Virtual size: 104KB