1480682b54e297859e0fdb8b7090678f

General

Target

1480682b54e297859e0fdb8b7090678f
Size

427KB
MD5

1480682b54e297859e0fdb8b7090678f
SHA1

034c288fce9fa7fe7529f40532061d7edb34307e
SHA256

a246d0e13a4f0183cb9360e9449cbb342224c7dc7672169fbcf5eef38270bee6
SHA512

9e65cd684fda05370a40123e009bacbe858c586afa3b78aec5811f537ab7a5182e29c10dbeaf1907bb45fecf56b75cc9b64de7e94626118b72a74db1af8c33dc
SSDEEP

6144:EAGlMUiA+Ip4FwKmx1gZ+gQGRw8CHFr3VRlKUyEJavB9iT9TY9itdKc:MmrQGRw8ClBRlKUyEIvBBsd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1480682b54e297859e0fdb8b7090678f

Files

1480682b54e297859e0fdb8b7090678f
.exe windows:4 windows x86 arch:x86

04be381401d194f47214f1f9bd78cf2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
UnhandledExceptionFilter
LCMapStringW
GetCurrentThread
GetProcAddress
GetOEMCP
HeapReAlloc
MultiByteToWideChar
GetEnvironmentStrings
TlsAlloc
GetCurrentProcessId
HeapAlloc
EnterCriticalSection
HeapDestroy
TlsFree
GetModuleHandleA
FindAtomA
lstrcpyW
OpenEventA
InterlockedExchange
LCMapStringA
WideCharToMultiByte
GetFileType
VirtualFree
GetCommandLineA
DeleteCriticalSection
SetHandleCount
GetConsoleCP
EnumResourceLanguagesA
ExitProcess
GetTickCount
FreeEnvironmentStringsA
WriteFile
HeapFree
GetStdHandle
GetModuleFileNameA
TlsSetValue
LoadLibraryA
QueryPerformanceCounter
GetStartupInfoA
VirtualAlloc
CreateMailslotW
GetEnvironmentStringsW
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetStringTypeA
InitializeCriticalSection
LeaveCriticalSection
SetLastError
GetVersion
FreeEnvironmentStringsW
GetLastError
GetSystemTimeAsFileTime
GetStringTypeW
GetCPInfo
WaitForMultipleObjects
HeapCreate
IsBadWritePtr
GetACP
WriteFileEx

comdlg32

GetOpenFileNameW
GetFileTitleW
PrintDlgA
PageSetupDlgW
GetOpenFileNameA
FindTextA
ReplaceTextW
GetSaveFileNameA

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04be381401d194f47214f1f9bd78cf2c

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 152KB - Virtual size: 152KB

.data Size: 267KB - Virtual size: 276KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 152KB - Virtual size: 152KB

.data
Size: 267KB - Virtual size: 276KB

.rsrc
Size: 6KB - Virtual size: 6KB