20a0bb18bf4eb1e20aefaf113352dda7

Sharing

Copy URL Twitter E-mail

General

Target

20a0bb18bf4eb1e20aefaf113352dda7
Size

488KB
MD5

20a0bb18bf4eb1e20aefaf113352dda7
SHA1

4a4ef009bcd680d7d53ce999f0a774203b688483
SHA256

d6644dd54213f719bd5f4b60246c4062d8cf022133c3ea4c192218030806de5c
SHA512

320e255af231c85dff7530703551195cfe2dc7efdd825c897aa5f3f449bdecc5bd458a6142cb28d121be8041f6d195c382299d187fc3414cc9e195124bae286f
SSDEEP

12288:JS1sCbTqyQBHEe3qm/gkCAe1072fkWNDPa4l7RTMVAGi0:IBTy+e6o1eW2/NDpRt0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20a0bb18bf4eb1e20aefaf113352dda7

Files

20a0bb18bf4eb1e20aefaf113352dda7
.exe windows:4 windows x86 arch:x86

10daac04e17f62924a723fd340befa25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
RegisterClassA
LoadBitmapW

comctl32

InitCommonControlsEx

kernel32

LCMapStringA
RtlMoveMemory
RtlUnwind
SetStdHandle
MultiByteToWideChar
SetFileTime
DebugActiveProcess
FreeLibraryAndExitThread
QueryPerformanceCounter
HeapAlloc
InterlockedDecrement
GetPrivateProfileSectionNamesW
VirtualFree
GetCurrentProcess
CreateWaitableTimerA
InterlockedIncrement
GetVersion
InitializeCriticalSection
CompareStringA
SetFileAttributesA
VirtualAlloc
WriteProfileStringA
SetConsoleWindowInfo
FillConsoleOutputCharacterW
GetSystemTimeAsFileTime
GetStdHandle
GetModuleFileNameA
GetDiskFreeSpaceW
SetFilePointer
TerminateProcess
WriteFile
TlsSetValue
GetOEMCP
HeapDestroy
IsBadWritePtr
GetLocalTime
GetFileType
OpenFile
IsValidLocale
GetCurrentDirectoryW
FlushFileBuffers
GetCPInfo
lstrcpyA
GetEnvironmentStringsW
CloseHandle
PulseEvent
LeaveCriticalSection
HeapCreate
GetProcAddress
GetCurrentThread
GetTickCount
ReadConsoleOutputCharacterW
WriteConsoleW
GetStringTypeA
GetEnvironmentStrings
CompareStringW
LoadLibraryA
SetTimeZoneInformation
AllocConsole
SetThreadPriority
GetCommandLineA
HeapFree
FreeEnvironmentStringsA
TlsFree
GetCurrentThreadId
TlsGetValue
UnhandledExceptionFilter
GetLastError
GetTimeZoneInformation
HeapReAlloc
GetStringTypeW
VirtualQuery
InterlockedExchange
LCMapStringW
TlsAlloc
SetHandleCount
GetStartupInfoA
WideCharToMultiByte
ExitProcess
GetSystemTime
DeleteCriticalSection
GetACP
EnterCriticalSection
CreateMutexA
SetLastError
FileTimeToDosDateTime
TryEnterCriticalSection
GetModuleHandleA
SetEnvironmentVariableA
FlushConsoleInputBuffer
ReadFile
FreeEnvironmentStringsW
GetCurrentProcessId
OpenMutexA

Sections

.text
Size: 339KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10daac04e17f62924a723fd340befa25

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 339KB - Virtual size: 338KB

.rdata Size: 28KB - Virtual size: 58KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 339KB - Virtual size: 338KB

.rdata
Size: 28KB - Virtual size: 58KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 17KB - Virtual size: 16KB