194f31e1fbe585e206e62826a96d4b9a

Sharing

Copy URL

Twitter E-mail

General

Target

194f31e1fbe585e206e62826a96d4b9a
Size

157KB
MD5

194f31e1fbe585e206e62826a96d4b9a
SHA1

c945910db0027ce8a957809bd781e64e6a24e616
SHA256

56fdeaf7b258f985d3aeb22b547f64c7aeaff14ebf368bd4f8f52b5498d01c0a
SHA512

4c655ad6d577f5ec314f8f5e4f9fe8b69bde7462d6f17ccc6cc7ef4df450edc962ebf785665d84c62daca9352130a2a1937edf94916e1f29ca8e8b8d7f466a80
SSDEEP

3072:8GqSvISUjcC6Xy4Ekjx3RfLuOtoVWx2/nAW82qoBDhbp2CbkY5:8GqiIxtkjx9qZPAuJ5R5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
194f31e1fbe585e206e62826a96d4b9a

Files

194f31e1fbe585e206e62826a96d4b9a
.exe windows:4 windows x86 arch:x86

009e1a0d0bbf6d9462d0ec27dd4f4303

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
GetLastError
GlobalFree
VirtualFree
ReadFile
CreateFileA
FlushViewOfFile
SetLastError
GetModuleHandleA
Sleep
WriteFile
GlobalAlloc
CopyFileA
SuspendThread
FreeResource
SizeofResource
LockResource
LoadResource
VirtualProtect
VirtualAlloc
ExitProcess
ResumeThread
LoadLibraryA
GetSystemTime
FreeLibrary
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetStringTypeW
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
CreateThread
CloseHandle
HeapFree
GetProcAddress
WaitForMultipleObjects
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA

user32

ReleaseDC
DefWindowProcA
GetClientRect
CreateWindowExA
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
IsWindow
GetIconInfo
GetWindowLongA
ShowWindow
GetDesktopWindow
LoadStringA
GetDC

gdi32

CreatePenIndirect
DeleteObject
CreateCompatibleBitmap
GetDIBits

pdh

PdhAddCounterA
PdhOpenQueryA
PdhCollectQueryData

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 234KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

009e1a0d0bbf6d9462d0ec27dd4f4303

Headers

File Characteristics

Imports

kernel32

user32

gdi32

pdh

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 24KB - Virtual size: 23KB

.tls Size: 4KB - Virtual size: 384B

.rsrc Size: 6KB - Virtual size: 5KB

.sdata Size: 234KB - Virtual size: 550KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 24KB - Virtual size: 23KB

.tls
Size: 4KB - Virtual size: 384B

.rsrc
Size: 6KB - Virtual size: 5KB

.sdata
Size: 234KB - Virtual size: 550KB