330f87815a839a3f678adc4b3442f86f

General

Target

330f87815a839a3f678adc4b3442f86f
Size

188KB
MD5

330f87815a839a3f678adc4b3442f86f
SHA1

6930e84308dd5edeae9f3b8fba05e3ee86bdbdae
SHA256

e157d0248b9b1cb19cf0a58777f28e949a64892f123b4a0db9ad0668580ea042
SHA512

c0f120c6a2614112c5899b3689df6e2d07572007e6ce026f0cde8c65364fc3a66ddef8370a12ae4ecdd3893247282da4cb8a05862af968c80d16ff3c798fdf50
SSDEEP

3072:C7+mP819ZwfMQSgpDmZjSf1PbbbKB2t98F/aLqQFDxqiCJYq6BKXzAuWc2XSbQc0:Lmk19EfFmZOtbbKBlaLqsDoH15XzdLTQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
330f87815a839a3f678adc4b3442f86f

Files

330f87815a839a3f678adc4b3442f86f
.exe windows:4 windows x86 arch:x86

9b98e4efa03d9b624112d0cf0f3bcc24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MultiByteToWideChar
DeleteCriticalSection
GetThreadPriority
InterlockedDecrement
LCMapStringA
WideCharToMultiByte
InterlockedIncrement
IsDebuggerPresent
WriteConsoleA
GetProcessHeap
GlobalAlloc
WriteConsoleW
HeapFree
SetCommConfig
CloseHandle
IsValidCodePage
LeaveCriticalSection
GetVersionExA
HeapReAlloc
IsValidLocale
HeapSize
TerminateProcess
HeapAlloc
GetCPInfo
SetUnhandledExceptionFilter
GetLocaleInfoW
GetProcAddress
GetFullPathNameW
EnumResourceNamesA
GetCurrentDirectoryW
GetCurrentThreadId
CreateFileA
RaiseException
SetStdHandle
RtlUnwind
GetCommandLineA
ExitProcess
GetConsoleOutputCP
GetUserDefaultLCID
EnumSystemLocalesA
WriteFile
GetCurrentProcess
GetLastError
UnhandledExceptionFilter
Sleep
ReadFile
EnterCriticalSection
SetEndOfFile
LCMapStringW
GetModuleHandleA
GetModuleFileNameW
ExitProcess
InitializeCriticalSection
GetFullPathNameA

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b98e4efa03d9b624112d0cf0f3bcc24

Headers

File Characteristics

Imports

kernel32

user32

rpcrt4

advapi32

shell32

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 31KB - Virtual size: 30KB

.crt Size: 512B - Virtual size: 88KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 31KB - Virtual size: 30KB

.crt
Size: 512B - Virtual size: 88KB