20b2937b7b757af9baaf2ae7be88140c

General

Target

20b2937b7b757af9baaf2ae7be88140c
Size

279KB
MD5

20b2937b7b757af9baaf2ae7be88140c
SHA1

5c69e5b92e5fa49894a25b884b31a0af95a4cd3a
SHA256

5d08ec9ab8e3a1bd3731edb0cf9590f1df492ca27533c8a95e975fced9d0a286
SHA512

97dbde937d747e34ef0aa4d21b5f2e104cb6d1b357ba3905beb20c919b4caf346dfdbc3e893128753a351badaa700c960aa3bd756c6607899e14a3c01518d097
SSDEEP

6144:8P/dgEK6Q5+u+beL3+v2iFp/7SyY2ukmYmKHVgyg:8PT9roPiz/7DXukfmMg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20b2937b7b757af9baaf2ae7be88140c

Files

20b2937b7b757af9baaf2ae7be88140c
.exe windows:4 windows x86 arch:x86

4ddb8b76a7069dcdd038b5f3f426f045

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegQueryValueA
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegCloseKey

lz32

LZCopy
LZClose
LZOpenFileA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

CloseHandle
CreateEventA
GetTempPathW
LocalFree
GetExitCodeProcess
AddAtomW
CopyFileW
CreateThread
CreateFileMappingA
MapViewOfFile
GetCurrentThreadId
SetEvent
MoveFileExW
CreateWaitableTimerA
LocalAlloc
WriteConsoleW
GetCommandLineA
CreateFileW
EnumResourceNamesA
DeleteFileW
GetFileAttributesW
GetEnvironmentVariableW
ResetEvent
GetVersionExW
CreateDirectoryW
LoadLibraryExW
UnmapViewOfFile
WriteFileGather
FileTimeToSystemTime
CreateProcessW
GetSystemTime
GetSystemDirectoryW
WaitForSingleObject
FileTimeToLocalFileTime
GetModuleHandleW
SetFileAttributesW
CreateFileA

Sections

.text
Size: 142KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ddb8b76a7069dcdd038b5f3f426f045

Headers

File Characteristics

Imports

advapi32

lz32

setupapi

kernel32

Sections

.text Size: 142KB - Virtual size: 274KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 134KB - Virtual size: 133KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 142KB - Virtual size: 274KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 134KB - Virtual size: 133KB

.rsrc
Size: 512B - Virtual size: 4KB