1aca0bbe978c7c8a94cbdef331bb5a22

General

Target

1aca0bbe978c7c8a94cbdef331bb5a22
Size

402KB
MD5

1aca0bbe978c7c8a94cbdef331bb5a22
SHA1

4bbd62bbfb2d8c96593bcb5dc5df362e730cadfe
SHA256

7c81a493c3877a8be11944b5358ddcdf6ced9c03281a3f13cab3d3e4f4c9e768
SHA512

83a2f60bd2961264345f273a76f34039a8c477e92ea06d8446119e2af3edbda6fc59d05b44ecab95de57f8d362a77f1233438bd74fce9d7dd5f87ec0ce6bd0c8
SSDEEP

12288:5/lYCGylRaD17FqwwJ/K29jYE6G+Ok39nrzsRB7K0u:3YCfRA3qVJ/p5jx09nrzs2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aca0bbe978c7c8a94cbdef331bb5a22

Files

1aca0bbe978c7c8a94cbdef331bb5a22
.exe windows:4 windows x86 arch:x86

c65085dd9a8ca533fadfd89ee2ba495b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
IsBadWritePtr
TlsAlloc
GetFileType
GetProcAddress
GetStdHandle
HeapReAlloc
TlsGetValue
GetLastError
VirtualFree
GetCurrentProcessId
HeapAlloc
GetCommandLineA
LeaveCriticalSection
WriteFile
GetModuleHandleA
FreeEnvironmentStringsA
GlobalFindAtomA
GetThreadTimes
InterlockedExchange
SetLastError
GetCurrentThread
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsSetValue
EnterCriticalSection
CopyFileA
ExitProcess
GetTickCount
DeleteCriticalSection
GetProfileIntW
HeapFree
HeapCreate
GetModuleFileNameA
GetProfileStringA
LoadLibraryA
QueryPerformanceCounter
GetVersion
VirtualAlloc
GetVolumeInformationA
GetModuleFileNameW
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
HeapDestroy
MultiByteToWideChar
TlsFree
UnhandledExceptionFilter
SetCriticalSectionSpinCount
GetCommandLineW
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeCriticalSection

shell32

RealShellExecuteA
SHGetDesktopFolder
SHGetFileInfoA
DragQueryFileW
SHQueryRecycleBinW
SHFormatDrive
DoEnvironmentSubstW
SHGetSettings
RealShellExecuteExA
RealShellExecuteW
InternalExtractIconListW
DuplicateIcon
RealShellExecuteExW
ExtractAssociatedIconW
SHGetFileInfo
SHInvokePrinterCommandA
ExtractIconEx
SHBrowseForFolderW
ExtractIconA
ExtractAssociatedIconExA
ExtractIconW
SHGetInstanceExplorer
SHGetDiskFreeSpaceA

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c65085dd9a8ca533fadfd89ee2ba495b

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 125KB - Virtual size: 124KB

.data Size: 265KB - Virtual size: 286KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 125KB - Virtual size: 124KB

.data
Size: 265KB - Virtual size: 286KB

.rsrc
Size: 11KB - Virtual size: 11KB