739e4b627db7ff2018da46807b688b8d015871673d54b39c70123afef7c9f27d

General

Target

739e4b627db7ff2018da46807b688b8d015871673d54b39c70123afef7c9f27d
Size

79KB
MD5

c314f69f68d392ec178ace1a54ed0abd
SHA1

ae8c8f22dfc5bbf0a52269c731294b100877d9fb
SHA256

739e4b627db7ff2018da46807b688b8d015871673d54b39c70123afef7c9f27d
SHA512

48fb29ce11c39618d103a9faf8be671281092db5e9fdddafeac79b2148f77eaf701a546ba596cdea84f92b6cc67c84c751dbcbb03951344f1fc26c28d23f4475
SSDEEP

768:SytMKn1MbYdeDS10bdo0esp7rsRRAid2tZ3NL6esnYyK9V3BN9w6CmrS30N9I8Ep:iIKDdNeVRotZ3NEnBKz2yxb5Zs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
739e4b627db7ff2018da46807b688b8d015871673d54b39c70123afef7c9f27d

Files

739e4b627db7ff2018da46807b688b8d015871673d54b39c70123afef7c9f27d
.exe windows:5 windows x86

66bc71a226e39b580dbfb01a7e828caa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
lstrlenA
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
Sleep
GetLastError
GetCurrentThreadId
EnterCriticalSection
CloseHandle
CreateFileA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
SetLastError
GetModuleHandleA
TerminateProcess
WriteConsoleW
DeleteCriticalSection
InitializeCriticalSection
DeleteFileA
InterlockedDecrement
_lcreat
_lwrite
_lclose
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
HeapFree
GetProcessHeap
InterlockedIncrement
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapAlloc
HeapReAlloc
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetACP
GetOEMCP
IsValidCodePage
WriteFile
GetConsoleCP
GetConsoleMode
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
HeapSize

user32

wsprintfA

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SysAllocString
SysFreeString
VariantClear

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

66bc71a226e39b580dbfb01a7e828caa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 12KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 12KB