139dfe7bb1aa136e84d5cdde7903ebb6

General

Target

139dfe7bb1aa136e84d5cdde7903ebb6
Size

156KB
MD5

139dfe7bb1aa136e84d5cdde7903ebb6
SHA1

27897f0d31a9790c90af40d0836d7b2661a1cad4
SHA256

12fad9f317476c91ad330cdb33a25be81fcde86e8d846ab9d7dc65cf04d67bc2
SHA512

3a14aaea17bc50f8725d45c067925d7a198d4b6526c0f55544c0636fc72867fdeb7221b26490e88bc55625d3f221183736e84c4e56a19d7cfb669ebbfc5b8354
SSDEEP

3072:TKWtxiO+LQe6wBhutzeZCaqERIrryz9d8iG:TtcLQTwGeZCJgIr2JeD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
139dfe7bb1aa136e84d5cdde7903ebb6

Files

139dfe7bb1aa136e84d5cdde7903ebb6
.exe windows:4 windows x86 arch:x86

325c503e7c5539dac777fa740cdb83ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetTickCount
GetLastError
ClearCommError
SetCommTimeouts
SetCommState
GetCommState
SetCommMask
CreateFileA
CloseHandle
EscapeCommFunction
SetupComm
WriteFile
ReadFile
PurgeComm
FormatMessageA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetProcAddress
GetModuleHandleA
ExitProcess
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
HeapAlloc
HeapFree
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetCommandLineA
GetVersionExA
GetProcessHeap
GetFullPathNameA
GetCurrentDirectoryA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LoadLibraryA
InitializeCriticalSection
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
RtlUnwind
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetTimeZoneInformation
SetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetStringTypeA
GetStringTypeW
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

325c503e7c5539dac777fa740cdb83ba

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 52KB - Virtual size: 52KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 52KB - Virtual size: 52KB