20a23d37bce733d8ec3ca34e96223804

General

Target

20a23d37bce733d8ec3ca34e96223804
Size

184KB
MD5

20a23d37bce733d8ec3ca34e96223804
SHA1

2a0b8e40834c04d6d91f175c9a4a2e62c58d9eb9
SHA256

07b1a8dc6c16147fa2625cf95c40c58cfbc4e25cd4b20f2f96acafc6fbf38b39
SHA512

b7076b25cc138b43e2720fd9142a355eb442a9869283271e0f18d0901ebea17811f91aaae70b70d54cb6ecc6d2e04e5f1545816ea8c47c1e3b6c42451be7d482
SSDEEP

3072:953SrW5yk+nEs98f4Yr7qV+PBXNXrrZQQfZ9TKW0z9MSg45mgMU35s:arWMk+E11r7B92QfZ5KviU35s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20a23d37bce733d8ec3ca34e96223804

Files

20a23d37bce733d8ec3ca34e96223804
.exe windows:4 windows x86 arch:x86

f08609e63f245d221030fa3aeaa4e7c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

imagehlp

ImageNtHeader
ImageRvaToVa
ImageGetDigestStream
ImageDirectoryEntryToData

psapi

GetProcessMemoryInfo

kernel32

CreateFiberEx
BeginUpdateResourceW
LoadLibraryExW
AreFileApisANSI
DebugBreak
GetFullPathNameW
EscapeCommFunction
FindClose
RemoveDirectoryA
GetFileAttributesW
OutputDebugStringA
UpdateResourceW
SetFileAttributesW
EndUpdateResourceW
EnumResourceNamesW
ReadFile
lstrlenA
RemoveDirectoryW
FreeLibrary
DeleteFileA
CreateDirectoryW
SetFileAttributesA
CreateDirectoryA
GetFullPathNameA
CopyFileW
FatalExit
GetOEMCP
GetFileAttributesA
DeleteFileW
LoadLibraryExA
CopyFileA
GetFileInformationByHandle

msvfw32

ICInfo

advapi32

CryptHashData
CryptGetHashParam
CryptCreateHash
CryptAcquireContextA
CryptReleaseContext
CryptDestroyHash

user32

MonitorFromWindow
CharNextA
wsprintfW
CharNextW

shell32

CommandLineToArgvW

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f08609e63f245d221030fa3aeaa4e7c6

Headers

File Characteristics

Imports

imagehlp

psapi

kernel32

msvfw32

advapi32

user32

shell32

Sections

.text Size: 161KB - Virtual size: 161KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 19KB - Virtual size: 19KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 161KB - Virtual size: 161KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 19KB - Virtual size: 19KB

.lib
Size: 512B - Virtual size: 76KB