69959e46de953aa59ee64c20f6116b24

General

Target

69959e46de953aa59ee64c20f6116b24
Size

148KB
MD5

69959e46de953aa59ee64c20f6116b24
SHA1

6adb8db31f160a081e3ffc9dfdc980afa8d8158b
SHA256

6c962a1ce082f6770b1ee8d02ac852755ad7b817fdcaade338feb21356cf5deb
SHA512

a258fc362ac64dd28094ec89c5daf24e222e5631cf4b5d8d4c28bd52301433d7783db80be5f1c8d91c801f706ab44e8fa253ce3df27da7e260f0b1b396ce2919
SSDEEP

1536:QEIHTWwJBolv5kN80VcqoW1HD3JcqwQJeXVeTwBzhcT5QPcqHsyFz:DmTKlv5a7/oWRDRFJeFesBzm5Q3sgz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69959e46de953aa59ee64c20f6116b24

Files

69959e46de953aa59ee64c20f6116b24
.exe windows:4 windows x86 arch:x86

745fd9e1db99098001f0a1594af4f0e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
GetFileAttributesA
GetSystemInfo
VirtualProtect
CloseHandle
GetLocaleInfoA
GetACP
InterlockedExchange
OutputDebugStringA
GetWindowsDirectoryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
ExitProcess
RtlUnwind
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapAlloc
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapSize
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetFilePointer
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetCPInfo
SetStdHandle
FlushFileBuffers

user32

wsprintfA
FindWindowA

advapi32

RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA

shlwapi

PathFileExistsA

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

745fd9e1db99098001f0a1594af4f0e1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 64KB - Virtual size: 67KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 64KB - Virtual size: 67KB

.rsrc
Size: 48KB - Virtual size: 47KB