f8d3bc46b3900d948e047a4c91b12952

General

Target

f8d3bc46b3900d948e047a4c91b12952
Size

378KB
MD5

f8d3bc46b3900d948e047a4c91b12952
SHA1

96006b470a86bffeb23abaa1d87f30008758692b
SHA256

71511be80887028620c9a9d4dbc31efd7cd464b9fe98c930f55f587633fe17b1
SHA512

65f1ce51efb5a798988a9d7cea3bf8294381b9775261cb2a371719e9e910c1a1bbe7a2338ed43c12771a939319514d18c378972dc24d82576902b998d9fd1f21
SSDEEP

6144:JsW/ShWdx09R+d/HFXG2h6onMsEs1e7xP0EMbuADmMt6f6NKmUIqt2v7CM/:JsIShzgS6Ess7x8tCM+CKm+k7CM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8d3bc46b3900d948e047a4c91b12952

Files

f8d3bc46b3900d948e047a4c91b12952
.exe windows:4 windows x86 arch:x86

7e09286ee07ce20c55499d2a57a7148e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
SetFileTime
WideCharToMultiByte
DeleteFileA
RtlUnwind
IsBadWritePtr
MoveFileExA
GetCurrentProcess
GetStringTypeW
VirtualAlloc
TlsFree
UnhandledExceptionFilter
HeapReAlloc
GetOEMCP
GetCurrentDirectoryA
GetLastError
FreeEnvironmentStringsW
InterlockedExchange
GetModuleFileNameA
GetCPInfo
InitializeCriticalSection
ExitProcess
GetEnvironmentStrings
HeapDestroy
LeaveCriticalSection
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetVersion
FreeEnvironmentStringsA
SetLastError
QueryPerformanceCounter
GetThreadPriorityBoost
TlsGetValue
InterlockedIncrement
VirtualQuery
GetCurrentThreadId
EnterCriticalSection
HeapAlloc
GetStdHandle
HeapFree
GlobalLock
TerminateProcess
GetCurrentProcessId
SetConsoleOutputCP
LCMapStringA
HeapCreate
TlsAlloc
SetHandleCount
DeleteCriticalSection
GetEnvironmentStringsW
LCMapStringW
GetACP
TlsSetValue
WriteFile
SetThreadIdealProcessor
GetPrivateProfileSectionNamesW
GetModuleHandleA
DosDateTimeToFileTime
GetCurrentThread
GlobalAlloc
SetVolumeLabelA
GetStringTypeA
WriteConsoleOutputCharacterA
LocalReAlloc
GetProfileStringA
MultiByteToWideChar
GetProcAddress
GetFileType
GetStartupInfoA
lstrcpynW
VirtualFree

user32

FrameRect

advapi32

LookupAccountNameA
RegEnumKeyW
RegReplaceKeyA
RegConnectRegistryA
RegSetValueW
RegOpenKeyW
LookupAccountNameW
CryptEnumProvidersW
CryptSetProvParam

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e09286ee07ce20c55499d2a57a7148e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 108KB - Virtual size: 108KB

.data Size: 266KB - Virtual size: 274KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 108KB - Virtual size: 108KB

.data
Size: 266KB - Virtual size: 274KB

.rsrc
Size: 3KB - Virtual size: 2KB