1a6efd4405282534ab0b964bdd374152

General

Target

1a6efd4405282534ab0b964bdd374152
Size

112KB
MD5

1a6efd4405282534ab0b964bdd374152
SHA1

b2880813e3e011a68d4a99b043fd5051ec991988
SHA256

0d1a9a163f8d3ec3b967ed2b752e359e7dd267f5ef473d107cd879e16b51f6f7
SHA512

c328f0e03c6b4bd3da9714f386a4629af2f97b7f938776fd4f8b697dfe776af80c5fe196b26d7bb8619e4586a707e93739bfc5cf282bccd1701768c5ef727253
SSDEEP

1536:sk1/OqHq2bkzAaVHEvZQcW+YMw9CjpllbfAjMvd3wS60+MZwkqy6:skbj8nXcLrjplQ8d3960bU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a6efd4405282534ab0b964bdd374152

Files

1a6efd4405282534ab0b964bdd374152
.exe windows:4 windows x86 arch:x86

e00509a3a52c5f10750104c1d99649d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
Sleep
InterlockedIncrement
GlobalReAlloc
LocalFree
GetTempPathA
VirtualAlloc
GetModuleHandleA
GetProcAddress
InterlockedExchange
VirtualFree
ResumeThread
GetTickCount
ResetEvent
SetFirmwareEnvironmentVariableA
CreateMutexA
GetLastError
RemoveDirectoryW
GetSystemInfo
VirtualProtect
GetLocaleInfoA
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
HeapSize
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
HeapReAlloc
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
RaiseException
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualQuery

user32

ShowWindow
PostMessageA
SetActiveWindow
GetSystemMetrics

winmm

joySetCapture
midiStreamOut
midiDisconnect

Sections

.TTEXT
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e00509a3a52c5f10750104c1d99649d3

Headers

File Characteristics

Imports

kernel32

user32

winmm

Sections

.TTEXT Size: 4KB - Virtual size: 1KB

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 8KB - Virtual size: 7KB

.TTEXT
Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 8KB - Virtual size: 7KB