0088c98e535e3558da57d02bbcd764f0

Sharing

Copy URL Twitter E-mail

General

Target

0088c98e535e3558da57d02bbcd764f0
Size

72KB
MD5

0088c98e535e3558da57d02bbcd764f0
SHA1

2c2bf312dea1a75d622fc68a5e66bdb27a35a1ab
SHA256

150c5e080c78c910a47890cb62d2a0a47ef3c4173a80d229b5eb23b4e5d42bb8
SHA512

073dcd636a3cc2bafe19a5781af619f6f2ee5de32ea1c092ade30c3bb44467cf94bd8d57584438a14fafc3b7995896960d1c65dbfb365aa6fc70706bf13af0fb
SSDEEP

1536:6MolY3669rdnoyyoT2RtTsz8rcNZFPVOQCDlt:6M/669dnoV1Tq82DtONDlt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0088c98e535e3558da57d02bbcd764f0

Files

0088c98e535e3558da57d02bbcd764f0
.exe windows:4 windows x86 arch:x86

057dd7d4ce2dd457e83f46ac26d31cee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
GetVersionExA
lstrcpyA
LocalAlloc
lstrcatA
CloseHandle
DeleteFileA
GetPrivateProfileStringA
GetWindowsDirectoryA
SetLastError
GetLastError
lstrcmpiA
FindClose
FindFirstFileA
TerminateProcess
WaitForSingleObject
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
LocalFree
CreateProcessA
GetShortPathNameA
CopyFileA
GetACP
GetModuleHandleA
GetCPInfo
GetStartupInfoA
GetCommandLineA
RtlUnwind
HeapFree
WriteFile
lstrlenA
GetVersion
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetCurrentProcess
ExitProcess
FreeEnvironmentStringsW
UnhandledExceptionFilter

user32

CharUpperA
EnumWindows
PostMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindowThreadProcessId
wsprintfA
LoadCursorA
SetCursor

advapi32

RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCloseKey

setupapi

SetupDefaultQueueCallbackA
SetupDiOpenDevRegKey
SetupPromptReboot
SetupCloseInfFile
SetupDiGetINFClassA
SetupOpenInfFileA
SetupFindNextLine
SetupGetStringFieldA
SetupFindFirstLineA
SetupFindNextMatchLineA
SetupInstallServicesFromInfSectionA
SetupGetIntField
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupDiSetDeviceRegistryPropertyA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupInstallFromInfSectionA

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

057dd7d4ce2dd457e83f46ac26d31cee

Headers

File Characteristics

Imports

kernel32

user32

advapi32

setupapi

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 44KB - Virtual size: 44KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 44KB - Virtual size: 44KB