15a378233f1be8e945ac08ff6fe2d63d

General

Target

15a378233f1be8e945ac08ff6fe2d63d
Size

868KB
MD5

15a378233f1be8e945ac08ff6fe2d63d
SHA1

644957b6751af75f2338d031b56fc94a33bfc767
SHA256

38ff11b318c06b05eb3d023bfb854fc709d1f52f61a1975f2fa7a8cb5039bb04
SHA512

ea5ea96bdd586b557195a0ccd0da326c9a63c3f48a6f99e14e966d3eeba7adb0663944f41d9e342f64d34c2ba423837f7d99c18bdc946782a8f15444d7c64b23
SSDEEP

12288:Vz/cXuLLaMLrMfj9DBw023XEdiDYHhRJxVAAAAAAA4T2b96naAA:Vz/cuPIphxd1JAAAAAAA4TlpA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15a378233f1be8e945ac08ff6fe2d63d

Files

15a378233f1be8e945ac08ff6fe2d63d
.exe windows:5 windows x86 arch:x86

13ec1fce9ef871296e017e24a4699d94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
UpdateWindow
DefWindowProcA
KillTimer
PostQuitMessage

kernel32

SetHandleCount
LCMapStringA
GetProcAddress
GetACP
TerminateProcess
VirtualProtect
FindFirstFileA
WriteFile
QueryPerformanceCounter
ReadFile
LockResource
HeapCreate
SetFilePointer
LCMapStringW
HeapFree
GetLastError
VirtualAlloc
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
VirtualFree
RtlUnwind
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 811KB - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

13ec1fce9ef871296e017e24a4699d94

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 811KB - Virtual size: 812KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 811KB - Virtual size: 812KB