794d597b6a2a649765ba4d8a6891c8f3

General

Target

794d597b6a2a649765ba4d8a6891c8f3
Size

75KB
MD5

794d597b6a2a649765ba4d8a6891c8f3
SHA1

41806d4b48899e96b0297c5e3c625b4ab217caed
SHA256

e843d3402696fae01f328be6229a09b0356e1ede956ae6a296ed8d931c18b741
SHA512

3975bb6751805de76e99a2dc8b426fbaf70205e93b5286cb3352042e2ea4c63624002bef31c0671a0d2596181b5a4e91114f619ad691f7d3d6f5d4ab0f0b1c84
SSDEEP

768:413vs0rUdsF1ygYzXa49g5bvNZujf+h5rjGstHDINiImsyHsS/PQ39zPpM7T2w:EtbFrYzXaug5bTZjGA+Asn9zPpMWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
794d597b6a2a649765ba4d8a6891c8f3

Files

794d597b6a2a649765ba4d8a6891c8f3
.exe windows:1 windows x86 arch:x86

3692b611fd9186037c86b2f019335d8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFileAttributesA
CreateFileA
EnterCriticalSection
Beep
GetCommandLineA
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentThreadId
GetEnvironmentStrings
CloseHandle
GetFileType
GetLargestConsoleWindowSize
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetStartupInfoA
GetStdHandle
ExitProcess
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
PeekConsoleInputA
RaiseException
ReadConsoleInputA
ReadFile
RtlUnwind
ScrollConsoleScreenBufferA
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteConsoleOutputA
WriteFile
GetVersion

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3692b611fd9186037c86b2f019335d8f

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 33KB - Virtual size: 36KB

DATA Size: 7KB - Virtual size: 12KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.debug Size: 29KB - Virtual size: 32KB

CODE
Size: 33KB - Virtual size: 36KB

DATA
Size: 7KB - Virtual size: 12KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

.debug
Size: 29KB - Virtual size: 32KB