106ee54a48e78588cae4641f1d3b0f96

General

Target

106ee54a48e78588cae4641f1d3b0f96
Size

100KB
MD5

106ee54a48e78588cae4641f1d3b0f96
SHA1

b76aef7373f844cacf708ed906006d7acb016bb4
SHA256

ab52449a2755b4f341e54dc0ce98c627e614959eab70b3f903d27950ef91bc72
SHA512

22870751dd1d61fe1babc61de9b6bc5cc93ac3a42f31d6fd84f78fccc9a144f66af1f7ad78b342227009601c8ece837943109faa2b02ed933b2e5ed91575310f
SSDEEP

3072:cn2m8oTHgfPUi23679tEkZQNfEHuzthyDV69:3VXUN6nE2Q1EM8DV0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
106ee54a48e78588cae4641f1d3b0f96

Files

106ee54a48e78588cae4641f1d3b0f96
.exe windows:4 windows x86 arch:x86

2d7e1bdc4029124614746f71e2830fd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
WriteFile
CloseHandle
CreateFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetVersionExA
FreeEnvironmentStringsA
lstrlenA
GetEnvironmentStrings
DeleteFileA
LockResource
SizeofResource
LoadResource
FindResourceA
GetSystemDirectoryA
GetEnvironmentVariableA
GetWindowsDirectoryA
CreateProcessA
SetLocalTime
GetLocalTime
GetFullPathNameA
lstrcpynA
lstrcatA
Sleep
lstrcmpiA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetStringTypeW
GetStringTypeA
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
FlushFileBuffers

user32

wsprintfA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d7e1bdc4029124614746f71e2830fd5

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 56KB - Virtual size: 55KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 56KB - Virtual size: 55KB