a1970f27713c4236f0cb1458d51f8af3706e8fb5efbf66e1cd59d2574cb1b7e5

Sharing

Copy URL Twitter E-mail

General

Target

a1970f27713c4236f0cb1458d51f8af3706e8fb5efbf66e1cd59d2574cb1b7e5
Size

192KB
MD5

36c15ab11466045a8a898cfacdcfded3
SHA1

0c993f88c00470ae414c825b7175f0093cf593fa
SHA256

a1970f27713c4236f0cb1458d51f8af3706e8fb5efbf66e1cd59d2574cb1b7e5
SHA512

cc7f64d682c349c5136cd0d1712ce0463a88b56ed1fac7013f0c55353901d0e0e52439df567c722c9e8102904fff1c474edf51fd1068e86059cedf9c1a3fb916
SSDEEP

3072:/Xaa4wSq9ec020AhgY9aAqQIil6YbJOLM9qrQt+Ldu5vXR://4wSqYc0BAOsFPbc8kiB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1970f27713c4236f0cb1458d51f8af3706e8fb5efbf66e1cd59d2574cb1b7e5

Files

a1970f27713c4236f0cb1458d51f8af3706e8fb5efbf66e1cd59d2574cb1b7e5
.exe windows x86

29181f3e45015a4d6dc4918e0e1bc179

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cabinet

ord20
ord23
ord22
ord21

kernel32

GetFileSizeEx
GetStdHandle
SetFilePointer
LoadLibraryW
GetLastError
WriteFile
GetConsoleScreenBufferInfo
SetFilePointerEx
SetConsoleCursorPosition
MultiByteToWideChar
GetProcAddress
GetFileAttributesW
lstrlenW
lstrcpyW
lstrcmpiW
HeapFree
VirtualFree
DosDateTimeToFileTime
GetProcessHeap
CreateDirectoryW
ReadFile
CreateFileW
GetFullPathNameW
SetFileTime
CloseHandle
HeapAlloc
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteConsoleW
GetFileType
GetModuleFileNameW
GetVersionExA
LCMapStringA
LCMapStringW
GetCPInfo
RtlUnwind
RaiseException
GetStringTypeA
GetStringTypeW
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualAlloc
HeapReAlloc
GetACP
GetOEMCP
IsValidCodePage
HeapSize
ExitProcess
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FlushFileBuffers
LoadLibraryA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
GetLocaleInfoW
SetEndOfFile

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29181f3e45015a4d6dc4918e0e1bc179

Headers

File Characteristics

Imports

cabinet

kernel32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 1004B

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 1004B