9d62aa6094a6e093b4442cf900b115df53ee0970fc5867c416096483fc7232a2

General

Target

9d62aa6094a6e093b4442cf900b115df53ee0970fc5867c416096483fc7232a2
Size

1.0MB
MD5

2e7b56329ff02982ce0ed6cc645a22e7
SHA1

c04483bf2fe79280b7062198a0ab42e0cb3bccbc
SHA256

9d62aa6094a6e093b4442cf900b115df53ee0970fc5867c416096483fc7232a2
SHA512

e9f24c855a5140085f2863735f0d867be1167cea7573963480478c62220dc8ed8940ea915d47e9814f4de1e80a1e28161169a84dc1d7ab47f28aae98bae8d45e
SSDEEP

12288:R1ec/eFqGZyUgCraUIk2yFqR+lIaaiEOqN/L0FgEhBCpJJNn8/MPr4OsnM:be7qGEUgCPr24qR+aaHEx/wFvUPEOs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d62aa6094a6e093b4442cf900b115df53ee0970fc5867c416096483fc7232a2

Files

9d62aa6094a6e093b4442cf900b115df53ee0970fc5867c416096483fc7232a2
.exe windows x86

90981fbbec7742867b1815699dcc6d79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
FreeLibrary
Sleep
GetModuleFileNameA
WinExec
LockResource
LoadResource
SizeofResource
FindResourceA
GetFileAttributesA
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
SetUnhandledExceptionFilter
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
IsBadWritePtr
IsBadReadPtr
HeapValidate
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapAlloc
HeapReAlloc
IsBadCodePtr
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileA
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetEndOfFile
ReadFile
LCMapStringA
LCMapStringW

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 784KB - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90981fbbec7742867b1815699dcc6d79

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 192KB - Virtual size: 195KB

.rsrc Size: 784KB - Virtual size: 780KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 192KB - Virtual size: 195KB

.rsrc
Size: 784KB - Virtual size: 780KB