1e639203714dc37a2abf2cd15f7e207a

General

Target

1e639203714dc37a2abf2cd15f7e207a
Size

196KB
MD5

1e639203714dc37a2abf2cd15f7e207a
SHA1

2578494a809df2d2fa8e12973030e2d81bd8aa8f
SHA256

b24b8270b61b10cf66b06392999e3f981ff24d44d26bb8b716f08de27b0bce04
SHA512

a897021e3e9c5c74ff3c1f258ea98a5851db86f15acc7c0229d633fd1471c02528d49f42f217236e99ab2a081ab798f0e2d33a3b84bc9ab58fe381a0be02530a
SSDEEP

3072:RJvuJqarjQkaBDsyz1h/omJqWtU8av6NZ34hk5gFvP3q0b1nW8tK9kEtlFfAjuRn:GPj4DlJzNFak5gYs1bMN7AK0Je1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e639203714dc37a2abf2cd15f7e207a

Files

1e639203714dc37a2abf2cd15f7e207a
.exe windows:5 windows x86 arch:x86

15a6dc8bd0c65e04135d46c81c73c337

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentDirectoryW
TerminateProcess
GetModuleHandleW
GetLastError
LoadLibraryW
GetModuleFileNameW
GetProcAddress
GetVersion
GetFileAttributesW
GetModuleHandleA
OutputDebugStringA
WinExec
GlobalLock
GetSystemDefaultLCID
SetLastError
GetVersionExW
lstrlenW
GlobalUnlock
GlobalFree
IsDBCSLeadByte
GetACP
IsDBCSLeadByteEx
GetDriveTypeW
GlobalSize
GlobalReAlloc
GetFileSize
GetFileTime
SetFileTime
GetVolumeInformationW
UnlockFile
LockFile
GetCurrentDirectoryW
MoveFileW
ReadFile
WriteFile
SetFilePointer
DeleteFileW
SetFileAttributesW
CloseHandle
SearchPathW
FindClose
FindFirstFileW
FindNextFileW
SetCurrentDirectoryW
SetEnvironmentVariableW
GetShortPathNameW
SetErrorMode
FindResourceW
LoadResource
GetLocalTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareStringA
GetStringTypeW
FreeLibrary
LCMapStringW
IsBadReadPtr
GetOEMCP

rpcrt4

MesDecodeBufferHandleCreate

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 806KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15a6dc8bd0c65e04135d46c81c73c337

Headers

File Characteristics

Imports

kernel32

rpcrt4

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 67KB - Virtual size: 806KB

.rsrc Size: 87KB - Virtual size: 87KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 67KB - Virtual size: 806KB

.rsrc
Size: 87KB - Virtual size: 87KB