232c66431fa309d381def611e249b694

Sharing

Copy URL Twitter E-mail

General

Target

232c66431fa309d381def611e249b694
Size

288KB
MD5

232c66431fa309d381def611e249b694
SHA1

99bc086605b958d1fa729d9b020f265eef71da27
SHA256

fbded55a1db62ae65ab207cef5080cd1d25305e7cac72776a2aa85df60558dc5
SHA512

c71d9a0ad5d87f497303b0575f299bc8da2649a39027d5c309cb6f24c7307f5efa8a7e33c39e19aae620075b1ba8f1b575da0fe6e5531a109882b6d8a12d52e5
SSDEEP

6144:iIBWjgf3YOSr5mHzSQs+fJzXbEZk5ek/XoBUj:i7jgf3YePfRwZk4yo+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
232c66431fa309d381def611e249b694

Files

232c66431fa309d381def611e249b694
.exe windows:4 windows x86 arch:x86

a4cad67984d73bfcbfe54928dd8474d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
CreateFileA
GetFileType
GetFileSize
GetStdHandle
RaiseException
ReadFile
SetEndOfFile
SetFilePointer
UnhandledExceptionFilter
WriteFile
CreateThread
ExitThread
ExitProcess
FindClose
FindFirstFileA
FreeLibrary
GetCommandLineA
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetThreadLocale
LoadLibraryExA
lstrcpyn
lstrlen
MultiByteToWideChar
WideCharToMultiByte
VirtualQuery
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
GetVersion
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
TlsGetValue
TlsSetValue
CompareStringA
CreateEventA
EnumCalendarInfoA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindNextFileA
FormatMessageA
InterlockedExchange
GetACP
GetCPInfo
GetComputerNameA
GetDateFormatA
GetDiskFreeSpaceA
GetExitCodeThread
GetFullPathNameA
GetLocalTime
GetStringTypeExA
GetTempPathA
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalHandle
GlobalReAlloc
GlobalUnlock
LoadLibraryA
MoveFileA
ResetEvent
ResumeThread
SetEvent
Sleep
WaitForSingleObject
WinExec

ntdll

RtlUnwind
RtlGetLastWin32Error
RtlEnterCriticalSection
RtlLeaveCriticalSection
RtlDeleteCriticalSection

user32

CharNextA
MessageBoxA
LoadStringA
GetKeyboardType
CharToOemA
CharUpperBuffA
GetSystemMetrics
MsgWaitForMultipleObjects
PeekMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

oleaut32

SysAllocStringLen
SysReAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantCopy
VariantChangeType
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex

Sections

.XPack0
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XPack
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4cad67984d73bfcbfe54928dd8474d9

Headers

File Characteristics

Imports

kernel32

ntdll

user32

advapi32

oleaut32

Sections

.XPack0 Size: 192KB - Virtual size: 192KB

.rsrc Size: 12KB - Virtual size: 12KB

.XPack Size: 76KB - Virtual size: 72KB

.idata Size: 4KB - Virtual size: 2KB

.XPack0
Size: 192KB - Virtual size: 192KB

.rsrc
Size: 12KB - Virtual size: 12KB

.XPack
Size: 76KB - Virtual size: 72KB

.idata
Size: 4KB - Virtual size: 2KB