69b9ac6e87e17c4ab1466cf98bbe1a94

General

Target

69b9ac6e87e17c4ab1466cf98bbe1a94
Size

185KB
MD5

69b9ac6e87e17c4ab1466cf98bbe1a94
SHA1

95e156b9c0483f3a1d280c614b4d12a064700bba
SHA256

7840cc074afc2e80e84a19d89fcdc5758aef117dded2bd399cb811e386912bdf
SHA512

1515bb5c1d79a0f8b837e3c8f84b4013d9f2300de15fa6c9f64c7fea88d9783ec76938dad4c47177de8ff7e188197f4b28e37a45bdb295c9c9dd9659d32d130f
SSDEEP

3072:xuRvyKLaHC9qVUsGXi9gkMqfy+VWfUDd1Dl/WnOZ1fhRdGvToMR48:xeqoJ9q+jSKqfy5fUDhWn6MUMO8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69b9ac6e87e17c4ab1466cf98bbe1a94

Files

69b9ac6e87e17c4ab1466cf98bbe1a94
.exe windows:4 windows x86 arch:x86

177fb1e4844f2d9b974c91ea59dd595d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
lstrlenA
GetProcessHeap
GetModuleFileNameA
GetTickCount
IsBadReadPtr
GetModuleFileNameW
AddAtomW
TerminateThread
HeapFree
FindResourceA
GetLastError
DisableThreadLibraryCalls
GetSystemTime
GetCurrentProcessId
LoadResource
GetSystemInfo
VirtualFree
WaitForMultipleObjects
GetExitCodeThread
Sleep
QueryPerformanceCounter
GetCurrentThreadId
EnumResourceLanguagesW
FreeLibrary
LeaveCriticalSection
WideCharToMultiByte
EnterCriticalSection
ResetEvent
IsBadWritePtr
CreateFileW
InterlockedDecrement
GlobalAlloc
LoadLibraryA
MultiByteToWideChar
GetGeoInfoW
GetThreadPriority
VirtualAlloc
SetThreadPriority
InterlockedIncrement
CreateMutexA
LockResource
ReleaseSemaphore
GetProcAddress
CreateSemaphoreA
ReleaseMutex
LoadLibraryW
ExitProcess

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

newdev

UpdateDriverForPlugAndPlayDevicesW

shlwapi

StrCmpNIA
StrStrA

shell32

SHGetFolderPathW

Sections

.text
Size: 93KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

177fb1e4844f2d9b974c91ea59dd595d

Headers

File Characteristics

Imports

kernel32

setupapi

iphlpapi

newdev

shlwapi

shell32

Sections

.text Size: 93KB - Virtual size: 232KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 88KB - Virtual size: 88KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 232KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 88KB - Virtual size: 88KB

.rsrc
Size: 512B - Virtual size: 4KB