759aa27a86f654e5b1292b340e9aa038

General

Target

759aa27a86f654e5b1292b340e9aa038
Size

80KB
MD5

759aa27a86f654e5b1292b340e9aa038
SHA1

277d05b6f3a12cf7d9dc804099fdd8967a620b44
SHA256

455a476c20abd03c2e712b7da3327b77afd6ef49f23506e319c9189e0be34dda
SHA512

7e89ecc1e15d3bcd156b4df6dbc3bd34e8b27f57c61e963dc68fa69b551c9f9bd813182baa15ad212693da431218a77185661e73004a345c62668ca29558b0ef
SSDEEP

1536:X0xkh0kHCZqYTYlKp6gMDODoHhej/trW:ExkToTS46hODoHQjhW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
759aa27a86f654e5b1292b340e9aa038

Files

759aa27a86f654e5b1292b340e9aa038
.exe windows:4 windows x86 arch:x86

ae4fd9aa75033ff110d84c28e0bad8ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
TerminateProcess
GetCurrentProcess
CreateDirectoryA
GetEnvironmentVariableA
ExitProcess
VirtualFreeEx
WriteProcessMemory
VirtualProtectEx
VirtualProtect
CreateRemoteThread
VirtualAllocEx
GetProcAddress
CloseHandle
LoadLibraryA
OpenProcess
GetLastError
GetFileAttributesA
Process32Next
Process32First
CreateToolhelp32Snapshot
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
ReadFile
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
DeleteFileA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
RaiseException
HeapReAlloc
HeapAlloc
HeapSize
WideCharToMultiByte
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetFilePointer
FlushFileBuffers
GetExitCodeProcess
WaitForSingleObject
CreateProcessA

user32

DialogBoxParamA
GetActiveWindow
EndDialog
LoadIconA
SendMessageA
SetTimer
KillTimer
FindWindowA
MessageBoxA

urlmon

URLDownloadToFileA

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae4fd9aa75033ff110d84c28e0bad8ad

Headers

File Characteristics

Imports

kernel32

user32

urlmon

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 12KB - Virtual size: 9KB