300809fbf1e457d878d9432516fe02bb

General

Target

300809fbf1e457d878d9432516fe02bb
Size

3.4MB
MD5

300809fbf1e457d878d9432516fe02bb
SHA1

2c580810a245c5d71088bffc4e596a8803d3eecf
SHA256

1927d4e877170fc114484275e6fc5ebb45511877be93560e72d959d208927c8f
SHA512

db4e103f9621662f77e858c2037bf2cac69d400d7b8fd421877e7ace9a74c977883fbc8e646b2714049458b79f1328dada93ba269e3a24dcbcaee3a5dd37b168
SSDEEP

98304:BaS0J9RGUkfKnquD06n4f/KEOU+0EgtjVzvM/:BaDJXhGKxfoSEO9gtjVzvM/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
300809fbf1e457d878d9432516fe02bb

Files

300809fbf1e457d878d9432516fe02bb
.exe windows:4 windows x86 arch:x86

55b729c907dc9a14f85f3eb3cac08534

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentProcess
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetProcAddress
TerminateProcess
Sleep
GetTickCount
WideCharToMultiByte
HeapFree
LocalFree
EnterCriticalSection
WriteFile
CreateFileW
GetModuleFileNameW
GetStdHandle
IsDebuggerPresent
FindClose
SetEvent
GetACP
GetFileType
TlsGetValue
GetModuleHandleA
HeapReAlloc
GetConsoleMode
FlushFileBuffers
CreateEventW
TlsAlloc
LoadLibraryW
LoadLibraryExW
TlsFree
SetFilePointer
GetStringTypeW
RtlUnwind
LCMapStringW
GetOEMCP
GetEnvironmentStringsW
SetStdHandle
FreeEnvironmentStringsW
IsProcessorFeaturePresent
FindNextFileW
FindFirstFileW
DeleteFileW
VirtualAlloc
GetConsoleCP
LocalAlloc
VirtualFree
GetModuleHandleExW
GetLocaleInfoW
LoadResource
UnmapViewOfFile
ExpandEnvironmentStringsW
CreateProcessW

user32

TranslateMessage
LoadStringW
DispatchMessageW
ShowWindow
DestroyWindow
DefWindowProcW
MessageBoxW
PostQuitMessage
GetWindowLongW
GetMessageW
GetDC
PostMessageW
GetClientRect
LoadCursorW
BeginPaint
KillTimer
InvalidateRect
RegisterClassW
EnableMenuItem
GetWindow
UpdateWindow
SystemParametersInfoW
MessageBoxA
ClientToScreen

Sections

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55b729c907dc9a14f85f3eb3cac08534

Headers

File Characteristics

Imports

kernel32

user32

Sections

.idata Size: 2KB - Virtual size: 1KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.text Size: 6KB - Virtual size: 6KB

.data Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB