286b381daad0a60134baea230df68bca

General

Target

286b381daad0a60134baea230df68bca
Size

3.3MB
MD5

286b381daad0a60134baea230df68bca
SHA1

9d6fe34e5df3606e898fef0650ecd32d1b4f6dd3
SHA256

e21aca4c0e2f30257edc45097312636d9602a7a43c7ae377ac5bce7e9f048c53
SHA512

8fc44846ae3b44bb34d19af821fdbfa9852ca0731843303ae3d73e14d7bbef8024c4588be8dac544864066fc5819237f41feab4661a392b4f1632491ce65d487
SSDEEP

98304:gk0RC3Ih9SYlS7Nwz/fAzfYu1ZGwHf8jN6FfjO+l5DdjDTp:g3CYh9S0S78HgZmj4FfttTp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
286b381daad0a60134baea230df68bca

Files

286b381daad0a60134baea230df68bca
.exe windows:4 windows x86 arch:x86

00b8d6e1d887a2ef1471828bb55c00e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
lstrlenA
CreateDirectoryA
ReleaseMutex
RemoveDirectoryA
CloseHandle
WaitForSingleObject
CreateProcessA
DeleteFileA
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
CreateMutexA
OpenMutexA
GetEnvironmentStringsW
GetEnvironmentStrings
GetLocalTime
GetSystemTime
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
HeapReAlloc
GetDriveTypeA
GetDiskFreeSpaceA
SetErrorMode
GetLastError
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
MoveFileA
GetCurrentDirectoryA
GetFullPathNameA
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
lstrcpyA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
SetEnvironmentVariableA
ReadFile
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
LoadLibraryA
SetFilePointer
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetProcAddress
SetStdHandle
FlushFileBuffers
CreateFileA
GetTimeZoneInformation
SetEndOfFile
CompareStringA
CompareStringW

user32

CreateDialogParamA
wsprintfA
DestroyWindow
DialogBoxParamA
MessageBoxA
UpdateWindow
EndDialog
GetDlgItemTextA

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00b8d6e1d887a2ef1471828bb55c00e5

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 32KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 32KB

.rsrc
Size: 5KB - Virtual size: 5KB