570d46aeeb993d114168fb913215ebb2

General

Target

570d46aeeb993d114168fb913215ebb2
Size

169KB
MD5

570d46aeeb993d114168fb913215ebb2
SHA1

a782761dcd786501c900905b4069613df557f036
SHA256

e53fc454e63b44a5d7afa5a108d6c634f99f59afdd0ead060ca8c4289c750d2a
SHA512

a8316f0acde2bf7d5604a22e0ddd0b4f796650c091991780ac7b7f0a2558011159740e5c32b2e8049d97b232fb863ce623e059f0c970db66f8be63b8f82ba731
SSDEEP

3072:cKpuDA0FwpaeB7eVKc8mm/walbQBaHQuQ6qo1LCnQWnbOJFhnO7es24lBBSSWb:RuDAYwpReViDwa+YwuIcCjnbOlCee

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
570d46aeeb993d114168fb913215ebb2

Files

570d46aeeb993d114168fb913215ebb2
.exe windows:4 windows x86 arch:x86

ae92d81c469012e2fa56e88f52f79809

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

gdi32

SelectObject
DeleteObject
GetDeviceCaps
GetTextMetricsA
GetTextExtentPointA
CreateFontIndirectA

shell32

SHGetFolderPathW

kernel32

GetCPInfoExW
TlsGetValue
GetStartupInfoA
LeaveCriticalSection
EnterCriticalSection
GetFileType
GetThreadLocale
GetLastError
SetHandleCount
GetVersionExA
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetACP
HeapSize
EnumResourceTypesA
QueryPerformanceCounter
GetEnvironmentStrings
GetCPInfo
GetLocaleInfoA
RaiseException
WideCharToMultiByte
WriteFile
TlsSetValue
InitializeCriticalSection
GetOEMCP
InterlockedExchange
GetLogicalDriveStringsA
GetTickCount
DeleteCriticalSection
lstrlenW
GetEnvironmentStringsW
MultiByteToWideChar
InterlockedIncrement
GetCurrentProcessId

ole32

CoGetTreatAsClass
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae92d81c469012e2fa56e88f52f79809

Headers

File Characteristics

Imports

newdev

gdi32

shell32

kernel32

ole32

msimg32

Sections

.text Size: 98KB - Virtual size: 98KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 66KB - Virtual size: 66KB

.reloc Size: 1024B - Virtual size: 104KB

.text
Size: 98KB - Virtual size: 98KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 66KB - Virtual size: 66KB

.reloc
Size: 1024B - Virtual size: 104KB