b83e9ef28d067c6ed244ec0f1e8c3d52cfd115726f4688cd94d7a314c242cf15

General

Target

b83e9ef28d067c6ed244ec0f1e8c3d52cfd115726f4688cd94d7a314c242cf15
Size

5.5MB
MD5

60582968fe1c0fd8a1b5ce81560dba97
SHA1

c0f10c2376e7a3311f05f9acca4cb24dbee47300
SHA256

b83e9ef28d067c6ed244ec0f1e8c3d52cfd115726f4688cd94d7a314c242cf15
SHA512

f01914d08a6a4634a28040175b609c153034ec325814c12d2d2e79e86fc27e9fdd531a5f2ec24a976d80f6517b96351542e90f6085476d5ed617e17a56c6b264
SSDEEP

98304:Do2vdwxjzUmhHV6Kmniox4PWpi0pXbGsjHjNJ7TMyYLRlPJnvuexQYsS:c2vYcmEnvCeh1vWDBG+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b83e9ef28d067c6ed244ec0f1e8c3d52cfd115726f4688cd94d7a314c242cf15

Files

b83e9ef28d067c6ed244ec0f1e8c3d52cfd115726f4688cd94d7a314c242cf15
.exe windows:5 windows x86 arch:x86

372240971b1460733891d88ab19ba102

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
ExitProcess
IsBadReadPtr
GetProcAddress
GetLastError
LoadLibraryA
MultiByteToWideChar
GetModuleHandleA
SetErrorMode

user32

EnumWindows
wsprintfA
MessageBoxA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

msvcrt

wctomb
wcscat
wcsncat
printf
free
malloc
mbtowc
mbstowcs
wcstombs
_except_handler3
wcsrchr
wcschr

Sections

0000001
Size: 996KB - Virtual size: 996KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000002
Size: 813KB - Virtual size: 816KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000003
Size: 168KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0000005
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000006
Size: 56KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000007
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

372240971b1460733891d88ab19ba102

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

0000001 Size: 996KB - Virtual size: 996KB

0000002 Size: 813KB - Virtual size: 816KB

0000003 Size: 168KB - Virtual size: 198KB

.rsrc Size: 8KB - Virtual size: 12KB

0000005 Size: 126KB - Virtual size: 128KB

0000006 Size: 56KB - Virtual size: 61KB

0000007 Size: 3.4MB - Virtual size: 3.4MB

0000001
Size: 996KB - Virtual size: 996KB

0000002
Size: 813KB - Virtual size: 816KB

0000003
Size: 168KB - Virtual size: 198KB

.rsrc
Size: 8KB - Virtual size: 12KB

0000005
Size: 126KB - Virtual size: 128KB

0000006
Size: 56KB - Virtual size: 61KB

0000007
Size: 3.4MB - Virtual size: 3.4MB