12033ae3ed3a3f8df676ed2a8ba26e80

General

Target

12033ae3ed3a3f8df676ed2a8ba26e80
Size

62KB
MD5

12033ae3ed3a3f8df676ed2a8ba26e80
SHA1

92070493583d325e3bbd965ba841c0a004108a6e
SHA256

d481e164273efc39c84e4879c559d6536ee0c6a6aef196f1ab763c9bd4280ee4
SHA512

936d4a5cde00df14f849f1f269fedbcd86911bcb43003b56fb21c166081d9436ef757379750434866d6ef9af969653e9f13ae9f4d9ed5fe5ee048c8237e4eb03
SSDEEP

768:3ut25j6ujhxiC+AiPRLSd/cJjo8oNDLfS/QXywzuVd78G4AGFIMb3kp5eRfBy3gm:3uQZbiUaQ1588nHXUVKG43FIrjYBIAA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12033ae3ed3a3f8df676ed2a8ba26e80

Files

12033ae3ed3a3f8df676ed2a8ba26e80
.exe windows:4 windows x86 arch:x86

e6c42e6de8844a4bd86d5f3e07222306

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CreateFileA
CreateMutexA
CreateToolhelp32Snapshot
DisableThreadLibraryCalls
EnumSystemLocalesA
ExitProcess
ExitThread
FormatMessageA
FreeEnvironmentStringsA
GetCPInfo
GetCommandLineA
GetConsoleCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDriveTypeA
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcessHeap
GetStdHandle
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
HeapFree
InitializeCriticalSection
InterlockedExchange
IsValidCodePage
LoadLibraryA
LoadResource
LocalFree
LockResource
MoveFileExA
QueryPerformanceCounter
RtlUnwind
SetCurrentDirectoryA
SetLastError
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
VirtualFree
VirtualProtect
VirtualQuery

user32

GetSysColorBrush
GetWindowRect
TranslateMessage

advapi32

DeleteService
GetTokenInformation
RegQueryValueA
RegQueryValueExA

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6c42e6de8844a4bd86d5f3e07222306

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 51KB - Virtual size: 50KB

.data Size: 1024B - Virtual size: 9KB

.bss Size: 7KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 51KB - Virtual size: 50KB

.data
Size: 1024B - Virtual size: 9KB

.bss
Size: 7KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB