acb782c4765cdec003587e4b5de623cd

General

Target

acb782c4765cdec003587e4b5de623cd
Size

143KB
MD5

acb782c4765cdec003587e4b5de623cd
SHA1

629b4e3c420b7675e1f8d43b8da10eb7b2ee1e53
SHA256

0dc51879fdb5cd6c9e2becceee60ccd64200518cd105e4b393714623eb904b1d
SHA512

00823d7f5b4a13ac6383c2b50e27240d07ac505f91a03ae54dc1110355cfbb0c17c6292767c816731e86c6eaa5a378c57f982aa21d869a915ebd50c19d39693e
SSDEEP

3072:vGesUQPQY4PMwK4wgF7MiS4zRjbjzWIEvdTQ:O5QHvw1Uzlb3p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acb782c4765cdec003587e4b5de623cd

Files

acb782c4765cdec003587e4b5de623cd
.exe windows:5 windows x86 arch:x86

21b732e88d0f86e3b25a5e61923a83c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetLastError
CreateEventA
SetEvent
CloseHandle
Sleep
SetFileAttributesA
CreateDirectoryA
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
WaitForSingleObject
LoadLibraryExA
FindClose
CancelWaitableTimer
LocalHandle
GetSystemWindowsDirectoryW
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
HeapCreate
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
LoadLibraryW
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
IsProcessorFeaturePresent
HeapSize
ReadFile
WriteConsoleW
SetStdHandle
CreateFileW

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BSS
Size: 4KB - Virtual size: 791.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21b732e88d0f86e3b25a5e61923a83c0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 9KB - Virtual size: 9KB

.BSS Size: 4KB - Virtual size: 791.8MB

.rsrc Size: 38KB - Virtual size: 37KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 9KB - Virtual size: 9KB

.BSS
Size: 4KB - Virtual size: 791.8MB

.rsrc
Size: 38KB - Virtual size: 37KB