255f0a60e56ff0436f73a0fe8ed63efb

General

Target

255f0a60e56ff0436f73a0fe8ed63efb
Size

390KB
MD5

255f0a60e56ff0436f73a0fe8ed63efb
SHA1

cea8c9e84c702b0e517e3b61d4fe6c059478ee01
SHA256

73f7c9390be51f26ea7a116f533c6ef75adaee44bcb2a34781d1c45b849621d0
SHA512

ad01d28b7ba42a2cd165bbd9e7c03ab14d08b90e9f7945452528d095f26a10f4e07449bc9fc09da0ba19086ea8134466651bfbc7b6e7dac87510d6b25f4232e4
SSDEEP

6144:eslA8Ex+1grRyaXveH9f9e8Bm93yhk3etIdwzhLK7PfG98+I:BlgSgrRyaM9fMQmCxtAVi9b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
255f0a60e56ff0436f73a0fe8ed63efb

Files

255f0a60e56ff0436f73a0fe8ed63efb
.exe windows:4 windows x86 arch:x86

78493d4b32380f7ee2b910b65e1295d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
MultiByteToWideChar
TlsGetValue
GetStringTypeA
GetProcAddress
InitializeCriticalSection
HeapReAlloc
UnhandledExceptionFilter
GetStringTypeW
WriteFile
GetCurrentProcessId
HeapAlloc
GetFileType
SetHandleCount
LeaveCriticalSection
GetModuleHandleA
GetEnvironmentStrings
DeleteCriticalSection
GetCPInfo
InterlockedExchange
TlsFree
GetOEMCP
HeapCreate
TlsAlloc
GetStdHandle
GetEnvironmentStringsW
VirtualFree
GetCurrentThread
SetLocaleInfoA
ExitProcess
GetTickCount
GetCommandLineA
FreeEnvironmentStringsW
HeapFree
LCMapStringA
GetModuleFileNameA
EnterCriticalSection
LoadLibraryA
QueryPerformanceCounter
IsBadWritePtr
VirtualAlloc
FreeEnvironmentStringsA
GetVersion
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
LCMapStringW
SetLastError
TlsSetValue
WideCharToMultiByte
GetACP
GetLastError
HeapDestroy
GetSystemTimeAsFileTime

shell32

ExtractIconW
SHQueryRecycleBinA
SHInvokePrinterCommandA
SHFileOperationA
SHGetDesktopFolder
SHUpdateRecycleBinIcon
SHFreeNameMappings
SHGetFileInfo
SheSetCurDrive
ExtractAssociatedIconA
SheChangeDirExW
ShellHookProc
ShellExecuteA
DuplicateIcon
SHGetPathFromIDListA
SHQueryRecycleBinW
SHGetMalloc
SHBrowseForFolderA
SheChangeDirA

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78493d4b32380f7ee2b910b65e1295d1

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 115KB - Virtual size: 115KB

.data Size: 267KB - Virtual size: 266KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 115KB - Virtual size: 115KB

.data
Size: 267KB - Virtual size: 266KB

.rsrc
Size: 6KB - Virtual size: 6KB