a3d401dae1c7017589d497b39bf10160ff7d8fb0dc111698fb385d1e85ef04b6

General

Target

a3d401dae1c7017589d497b39bf10160ff7d8fb0dc111698fb385d1e85ef04b6
Size

35KB
MD5

2b9ad66b9a0de15a8e67cdc266f13452
SHA1

2fa6f0ad60c5988116d00722daaa5d19d335ae41
SHA256

a3d401dae1c7017589d497b39bf10160ff7d8fb0dc111698fb385d1e85ef04b6
SHA512

53db619edd71f7e171b0c4ceb3e968fa00d626b2d6bbdb0d6433b12fb4e2bbfaf40bd6ca7438af4a1e50e2366eb7fd40bcb62036834575ddb0efd2df2013f106
SSDEEP

384:ZRbseQM2onEtXIXlDK4tSt7w07JFTEUFgUFgUFgUFgUFgUFgUFgUFgUFgUFgUFAs:Dspak0KxlfF5555555555l6z55a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3d401dae1c7017589d497b39bf10160ff7d8fb0dc111698fb385d1e85ef04b6

Files

a3d401dae1c7017589d497b39bf10160ff7d8fb0dc111698fb385d1e85ef04b6
.exe windows:5 windows x86

80f2e96978da93e2455fd060f4bf4bec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__lconv_init
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
malloc
memcpy
wcslen
memset
_assert
_wcsicmp
_vsnwprintf

user32

LoadStringW

kernel32

LoadLibraryW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
RtlUnwind
GetConsoleMode
LockResource
LoadResource
GetProcAddress
GetFileType
FindResourceExW
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
WriteFile
SetLastError
LocalFree
LeaveCriticalSection
TlsGetValue
GetLastError
GetModuleHandleW
GetProcessHeap
GetStdHandle
HeapAlloc
HeapFree
HeapReAlloc
FormatMessageW
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection

ntdll

NtQuerySystemInformation

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80f2e96978da93e2455fd060f4bf4bec

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

kernel32

ntdll

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 396B

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 480B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 396B

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 480B