d79bbc30a6a39ce5839335674a26dc75a03118b5280799a47e10ab5558e7ea83

General

Target

d79bbc30a6a39ce5839335674a26dc75a03118b5280799a47e10ab5558e7ea83
Size

172KB
MD5

51e9fbc117d7477177720e5133de1307
SHA1

d10ccca879b8ae65c9f7c3b753fb5b2cec6bfc53
SHA256

d79bbc30a6a39ce5839335674a26dc75a03118b5280799a47e10ab5558e7ea83
SHA512

ee3c931464082091b52c00ea0a986cc96d7391433d224150841e21e39253a45a26a7f389e51acdb89777789cd7f0daf29fb208008e8be020415ceb86c6634219
SSDEEP

1536:AIcENTPM1CbGAbqMZJbN0bscVjpQTLltBnEbmKEslofzsR:AOdPMwbGIJZJbObsijpQTLlzVsloLsR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
d79bbc30a6a39ce5839335674a26dc75a03118b5280799a47e10ab5558e7ea83

Files

d79bbc30a6a39ce5839335674a26dc75a03118b5280799a47e10ab5558e7ea83
.exe windows:4 windows x86

4f4b5464ee043cafaa63afa3f9e0bfb8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
LoadLibraryA
GetProcAddress
GetModuleHandleA
VirtualProtect
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
GetLastError
SetConsoleCtrlHandler
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
FlushFileBuffers
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
CloseHandle
ReadFile

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f4b5464ee043cafaa63afa3f9e0bfb8

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 130KB

.bss Size: - Virtual size: 6KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 132KB - Virtual size: 130KB

.bss
Size: - Virtual size: 6KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB