b304933477e99ea3f4cc590444ba6ca8

General

Target

b304933477e99ea3f4cc590444ba6ca8
Size

3.4MB
MD5

b304933477e99ea3f4cc590444ba6ca8
SHA1

7753ea9c326948dfb36a388875786cdae4d69da4
SHA256

3a60b4231d79734747159dee3fa46fc46fddeaad4bc43d2673ba2af18050845f
SHA512

63dbc484b082cba289bac9ee987826e45949b0dea618a97d0206088aa7a861b6f1cbf9ac3436b58dd9c352fbf497c4953fb9c7b9b565c09f1520c861560b560c
SSDEEP

98304:1/hkoj2oUU1W15I9Q/U/MQjuy8hTc1uG1uiC:1/PVs5IwVYUc1Wi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b304933477e99ea3f4cc590444ba6ca8

Files

b304933477e99ea3f4cc590444ba6ca8
.exe windows:4 windows x86 arch:x86

23bbee0b73d69ceb6c7ba8ae3860b38b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetSystemTimeAsFileTime
GetProcAddress
FreeLibrary
MultiByteToWideChar
SetLastError
HeapAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WriteFile
WaitForSingleObject
GetProcessHeap
CreateFileW
ExitProcess
GetModuleFileNameW
RaiseException
SetEvent
FormatMessageW
TlsGetValue
GetModuleHandleA
InitializeCriticalSection
GetConsoleMode
CreateEventW
TlsAlloc
HeapSize
LoadLibraryW
GetCPInfo
TlsFree
SetFilePointer
GetStringTypeW
RtlUnwind
LCMapStringW
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetOEMCP
IsProcessorFeaturePresent
FindNextFileW
IsValidCodePage
GetConsoleCP
LocalAlloc
GetCommandLineA
ResetEvent
ReleaseMutex
GetFileSize
EncodePointer
VirtualFree
LoadLibraryA
GetExitCodeProcess
ExpandEnvironmentStringsW
CreateProcessW

user32

TranslateMessage
DefWindowProcW
MessageBoxW
SetWindowLongW
GetMessageW
GetSystemMetrics
EnableWindow
IsWindow
GetParent
EndDialog
SetWindowTextW
SetFocus
BeginPaint
ScreenToClient
GetWindow
SystemParametersInfoW
MessageBoxA
CharUpperW
ClientToScreen

Sections

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

23bbee0b73d69ceb6c7ba8ae3860b38b

Headers

File Characteristics

Imports

kernel32

user32

Sections

.idata Size: 2KB - Virtual size: 1KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.text Size: 6KB - Virtual size: 6KB

.data Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB