1136759340d766e276a22e419eb4f210

Sharing

Copy URL Twitter E-mail

General

Target

1136759340d766e276a22e419eb4f210
Size

524KB
MD5

1136759340d766e276a22e419eb4f210
SHA1

9f2dc974682eec3bb123c7bf7a52de5387f765ee
SHA256

b1f7b4acc309fd6ac61bb92b0f1721dff2dc2c7208aa7ee2039af4099d0b46aa
SHA512

23a7174b19ff1e2aa7bb4eb0a3bb7711131f99ef130d10952a54bdad90c1400169622a730910f787c18a09dc7a67484c67a6a0a4153808878240cb4236aa26b3
SSDEEP

12288:23W57giY8I2igugFacriZKi8GEXVQWGt8lvEMxr:23W57RXI2igugHn3GB89EM1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1136759340d766e276a22e419eb4f210

Files

1136759340d766e276a22e419eb4f210
.exe windows:4 windows x86 arch:x86

60a1719c30de0ffca657427faa46fe32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate

kernel32

CreateFileA
QueryPerformanceCounter
QueryPerformanceFrequency
LockResource
LoadResource
SizeofResource
FindResourceA
InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
CloseHandle
ReadFile
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
RtlUnwind
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsSetValue
TlsGetValue
WriteFile
FlushFileBuffers
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetTickCount
GetCurrentProcessId
GetModuleFileNameA
VirtualQuery
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetFilePointer
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
MultiByteToWideChar
VirtualProtect
GetSystemInfo
SetStdHandle
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

SafeArrayDestroy
SafeArrayCreate
SafeArrayUnlock
SafeArrayLock
SysFreeString
SafeArrayGetLBound
SafeArrayGetUBound

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60a1719c30de0ffca657427faa46fe32

Headers

File Characteristics

Imports

rpcrt4

kernel32

ole32

oleaut32

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 404KB - Virtual size: 402KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 404KB - Virtual size: 402KB