13f4617960b66c5fcd469513ee18a9ae

General

Target

13f4617960b66c5fcd469513ee18a9ae
Size

179KB
MD5

13f4617960b66c5fcd469513ee18a9ae
SHA1

20fd60cbe70f0145c5c0e6b34d9525b357f40b9c
SHA256

78255d5ae2b9dbd5567a22cd09fbeb82de627ae113005da07cf7fd58e89eec30
SHA512

d96376d62f5c33fd885e637c5bba8a0c95c13c12aa3cb30df18d2ede99188b664d007faa23833317af27976d808025627c15262a9719e33d666a9749f5f54626
SSDEEP

3072:1aozYD0pz3YNcDhSZqaawNGsg4j/0HFKg+mi/+N3JR35h1BcDa4/j36QK0X4ylCa:40NYNeCqSoI/Rc3rph1e24/7Z6Fe1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13f4617960b66c5fcd469513ee18a9ae

Files

13f4617960b66c5fcd469513ee18a9ae
.exe windows:4 windows x86 arch:x86

2314c7c6e13306188464410b9306a8d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
lstrlenW
GlobalGetAtomNameA
GlobalAlloc
CloseHandle
GetProcAddress
GetVersionExA
MulDiv
WritePrivateProfileStringW
FindCloseChangeNotification
lstrcpyW
ResumeThread
GlobalSize
GetFileAttributesW
LoadLibraryA
GetLocaleInfoW
SetFileAttributesW
GetTickCount
GetCurrentDirectoryW
LoadLibraryExW
InitializeCriticalSection
lstrcpynW
WaitForSingleObject
GetVersion
WideCharToMultiByte
GetLastError
GlobalFree
GetPrivateProfileIntW
GetModuleFileNameW
GlobalLock
EnumResourceTypesA
FindClose
LockResource
GetModuleHandleW
GetCurrentThreadId
Sleep
IsValidCodePage
LoadLibraryW
GetVersionExW
FindFirstFileW
GlobalUnlock
InterlockedIncrement
FindFirstChangeNotificationW
MultiByteToWideChar
FreeLibrary
FindResourceW
LoadResource
FileTimeToLocalFileTime
GetPrivateProfileStringW
lstrcmpW
DeleteFileW
FindNextChangeNotification
FileTimeToSystemTime
SetThreadPriority

shell32

SHIsFileAvailableOffline
SHBrowseForFolderA
ShellExecuteExA
SHFileOperationW
SHGetFolderPathW
SHGetPathFromIDListA
CommandLineToArgvW
SHGetFileInfoA
ShellExecuteW
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2314c7c6e13306188464410b9306a8d1

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 2KB - Virtual size: 149KB

.data Size: 96KB - Virtual size: 95KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 2KB - Virtual size: 149KB

.data
Size: 96KB - Virtual size: 95KB

.rsrc
Size: 512B - Virtual size: 4KB