616027cc6886839aeaf44151432f401c

General

Target

616027cc6886839aeaf44151432f401c
Size

3.4MB
MD5

616027cc6886839aeaf44151432f401c
SHA1

985b7ede55992c8b735ec4ae8b6e785688fbbc57
SHA256

565310fa1fb1432ff4f430513ad135cbf597bd539ec1d563e39ce15350501491
SHA512

701904fea3b904aa94432823bebf84b723f3700a477d3e0c236b867f91d1bcbe72801ada15927f38ae65de6229cd3403cac04911865b4826d34a198ea7346acd
SSDEEP

98304:qO8f20/QfUUTSGrI2B52jDfcVxusIlE1RbHV5U:T8f2gQcps752ncSsIlEl5U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
616027cc6886839aeaf44151432f401c

Files

616027cc6886839aeaf44151432f401c
.exe windows:4 windows x86 arch:x86

12f9567969881af825fe8de5caaa9b6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentProcessId
SetUnhandledExceptionFilter
GetProcAddress
GetTickCount
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
DeleteCriticalSection
EnterCriticalSection
WaitForSingleObject
GetProcessHeap
CreateFileW
GetStartupInfoW
IsDebuggerPresent
GetCommandLineW
FindClose
GetModuleHandleA
InitializeCriticalSection
HeapReAlloc
FlushFileBuffers
TlsAlloc
HeapSetInformation
LoadLibraryW
LoadLibraryExW
GetCPInfo
TlsFree
SetFilePointer
GetStringTypeW
RtlUnwind
GetModuleFileNameA
GetOEMCP
GetEnvironmentStringsW
SetStdHandle
IsProcessorFeaturePresent
DeleteFileW
GetConsoleCP
LocalAlloc
DecodePointer
SetEndOfFile
ResetEvent
GetFileSize
EncodePointer
VirtualFree
LoadLibraryA
GetLocaleInfoW
GetFullPathNameW
GetExitCodeProcess
CreateProcessW

user32

TranslateMessage
DispatchMessageW
ShowWindow
PostQuitMessage
GetMessageW
GetSystemMetrics
PostMessageW
SendMessageW
GetClientRect
SetWindowPos
IsWindow
EndDialog
SetTimer
LoadIconW
SetForegroundWindow
GetSysColor
PeekMessageW
GetWindow
GetWindowTextW
SystemParametersInfoW
MessageBoxA
CharUpperW
ClientToScreen

Sections

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12f9567969881af825fe8de5caaa9b6f

Headers

File Characteristics

Imports

kernel32

user32

Sections

.data Size: - Virtual size: 612KB

.idata Size: 2KB - Virtual size: 1KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.text Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.text
Size: 6KB - Virtual size: 6KB