1943be936125b62b4f99282fad9ea446

Sharing

Copy URL Twitter E-mail

General

Target

1943be936125b62b4f99282fad9ea446
Size

837KB
MD5

1943be936125b62b4f99282fad9ea446
SHA1

93977c5a9297f3f87ef22ca8b68e8e4f9ad43f27
SHA256

5f60c14fae8332339f2d136b4f1b8b00421f1f7c915a54c89de3e4d145ee06e4
SHA512

8694335f5e68bb2b37ca357bb3839a8b36c96eada8c8755808f49f267175361677fcb91dc4557f0b1e1cd6e9acdd74b7e017db07e8fa6c20c5cf12493215aa8f
SSDEEP

24576:+jmBlOdjWsqxOCNsYa/xHXhOCXlX4DOShLQK:c4yWZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1943be936125b62b4f99282fad9ea446

Files

1943be936125b62b4f99282fad9ea446
.exe windows:4 windows x86 arch:x86

04d2817c9af4caf688e2f1cd10fe3c90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
HeapAlloc
GetProcessHeap
GetProcAddress
LoadLibraryW
GetModuleHandleA
GetStartupInfoW
GetVersionExA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapFree
RtlUnwind
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetTimeFormatA
GetDateFormatA
GetCPInfo
TlsAlloc
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
SetLastError
GetLastError
GetCurrentThread
ExitProcess
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
WriteFile
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
VirtualQuery
InterlockedExchange
DebugBreak
InterlockedDecrement
OutputDebugStringA
LoadLibraryA
InterlockedIncrement
WideCharToMultiByte
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
GetACP
GetOEMCP
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GetLocaleInfoW
LCMapStringA
LCMapStringW
RaiseException
SetFilePointer
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
CloseHandle

Sections

.rdaals2
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 324KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04d2817c9af4caf688e2f1cd10fe3c90

Headers

File Characteristics

Imports

kernel32

Sections

.rdaals2 Size: 160KB - Virtual size: 156KB

.text Size: 324KB - Virtual size: 321KB

.rdata Size: 80KB - Virtual size: 76KB

.data Size: 12KB - Virtual size: 66KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.l2 Size: 4KB - Virtual size: 4KB

.rdaals2
Size: 160KB - Virtual size: 156KB

.text
Size: 324KB - Virtual size: 321KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 12KB - Virtual size: 66KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.l2
Size: 4KB - Virtual size: 4KB