13c20701348b9ada93618e200d38bdd0

General

Target

13c20701348b9ada93618e200d38bdd0
Size

1.9MB
MD5

13c20701348b9ada93618e200d38bdd0
SHA1

cf59f08cc2e64a9b6f45f17d8c03039db1c1e3d9
SHA256

c1b3ebf4cf04693927bb5ebe5b56f296ef79c400cf185be09f4d6605c6c9adcc
SHA512

b9cf4589e8707c23105b0feb7ffbf764f4f642da516acc77694c91597da711db4c8d68918ce992a6cb4a00b0002dac14692a146ede3e36b6aeb5d880aeaed305
SSDEEP

49152:wpTvsvqUodjV7uztckRlqrvIXsGjkqCz15JcZ:8D/U4hKzttqrvhWkqmryZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13c20701348b9ada93618e200d38bdd0

Files

13c20701348b9ada93618e200d38bdd0
.exe windows:4 windows x86 arch:x86

b4faebec2c839f549734a5e127b94060

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetProcessHeap
GetCurrentThread
VirtualFree
GetLastError
GetTickCount
ExitProcess
GetCurrentProcess
GetModuleHandleA
VirtualAlloc
GetCurrentThreadId
GetCommandLineW
ExitProcess
GetTickCount
GetCommandLineW
GetModuleHandleW
GetModuleHandleA
GetCurrentProcess
GetModuleFileNameA
DeleteCriticalSection
FreeLibrary
VirtualAlloc
GetProcessHeap
HeapDestroy
GetCurrentThread
lstrlenA
GetLastError
InterlockedDecrement
MultiByteToWideChar
VirtualFree

gdi32

SetICMMode
Ellipse
GetTextColor
SetViewportOrgEx
CreateDIBitmap
SetViewportOrgEx
SetICMMode
SetTextColor

advapi32

RegCloseKey
GetTokenInformation
RegOpenKeyExA
GetLengthSid
RegEnumValueW
RegEnumKeyExW

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 446KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 692KB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 720KB - Virtual size: 721KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4faebec2c839f549734a5e127b94060

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

version

Sections

.text Size: 9KB - Virtual size: 10KB

.data Size: 446KB - Virtual size: 446KB

.rdata Size: 692KB - Virtual size: 5.9MB

.rdata Size: 720KB - Virtual size: 721KB

.kdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 71KB - Virtual size: 71KB

.text
Size: 9KB - Virtual size: 10KB

.data
Size: 446KB - Virtual size: 446KB

.rdata
Size: 692KB - Virtual size: 5.9MB

.rdata
Size: 720KB - Virtual size: 721KB

.kdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 71KB - Virtual size: 71KB