b9182a6e542e65f6f87d85f5f0fec5b08eff3b72b44875df2438520ba7cccb7d

General

Target

b9182a6e542e65f6f87d85f5f0fec5b08eff3b72b44875df2438520ba7cccb7d
Size

5.7MB
MD5

225b7efb90422d028006747bdec7d6ef
SHA1

69328658432c3c55f1a4a1fd3e0a522b6e1362a6
SHA256

b9182a6e542e65f6f87d85f5f0fec5b08eff3b72b44875df2438520ba7cccb7d
SHA512

431d86d9e89fe3261fc443a0331223474dc5d2b364838d0efea14c959da7f703aaac2f40cd67071d45b460057fd567f3605f5a9d9d8addf0765650469984824d
SSDEEP

98304:kJR8fIKG9j/K5+jMk7hn9iGB43ZwZO5NuxLVmuWIO1GvuqdzpKRzeZ59gX0iFc9Y:vbcjS5+YkNYG+KZlJmkz2qdzpF59gEjq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9182a6e542e65f6f87d85f5f0fec5b08eff3b72b44875df2438520ba7cccb7d

Files

b9182a6e542e65f6f87d85f5f0fec5b08eff3b72b44875df2438520ba7cccb7d
.exe windows x86

c93054f3641a57789b9c172c90b0ab50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

advapi32

CloseServiceHandle
OpenSCManagerA
OpenServiceA
StartServiceA

kernel32

EnterCriticalSection
GetProcAddress
GetModuleHandleA
GetCurrentProcess
SizeofResource
LockResource
LoadResource
FindResourceA
CloseHandle
WriteFile
CreateFileA
GetLastError
CreateDirectoryA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetVersionExA
Sleep
GetTempFileNameA
GetTempPathA
HeapFree
HeapAlloc
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37.6MB - Virtual size: 37.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c93054f3641a57789b9c172c90b0ab50

Headers

File Characteristics

Imports

wininet

advapi32

kernel32

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 17KB

.rsrc Size: 37.6MB - Virtual size: 37.6MB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 17KB

.rsrc
Size: 37.6MB - Virtual size: 37.6MB