2297dcfd1f766a9a53e94b2491f9cf54

General

Target

2297dcfd1f766a9a53e94b2491f9cf54
Size

253KB
MD5

2297dcfd1f766a9a53e94b2491f9cf54
SHA1

c5a440695a703009bec661b16355959269e61f3b
SHA256

4c5a0e4b31a15c6dd1383f3e49b04a66f733f545ec80ce2acd2740fc607e38ff
SHA512

bc127cd526ac5874179505a68e3f6b5c64509f0a337cfec47ee1c5184401ebb2087d7f2d111dcccd33a37f17dfc458ada4b9f8fe1cec0d451491b6b60b7c3d69
SSDEEP

6144:8KNwjjJHypm7M59kKOPtqJ7oR/ctRNUOZsZ7DiXENbSEQqatx86:8WwjjJHypHFhZWGlZsF+tEQR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2297dcfd1f766a9a53e94b2491f9cf54

Files

2297dcfd1f766a9a53e94b2491f9cf54
.exe windows:4 windows x86 arch:x86

5be87afedec1b6386a9da0c65b768d20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
LeaveCriticalSection
SetEnvironmentVariableA
GetCommandLineW
GetProcAddress
SetHandleCount
HeapReAlloc
TlsAlloc
GetCurrentThread
HeapCreate
GetCurrentProcessId
HeapAlloc
FreeEnvironmentStringsA
GetStartupInfoA
VirtualFree
GetModuleHandleA
SetLastError
SystemTimeToTzSpecificLocalTime
CompareStringA
UnhandledExceptionFilter
GetStringTypeA
IsValidLocale
GetEnvironmentStrings
IsValidCodePage
TlsFree
EnumSystemLocalesA
GetTimeZoneInformation
DeleteCriticalSection
lstrcmpA
ExitProcess
GetTickCount
CompareStringW
LCMapStringA
HeapFree
GetLocaleInfoA
GetModuleFileNameA
InitializeCriticalSection
LoadLibraryA
QueryPerformanceCounter
GetLastError
VirtualAlloc
GetUserDefaultLCID
GetDateFormatA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetLocaleInfoW
GetStartupInfoW
GetSystemInfo
VirtualProtect
GetNumberFormatW
MultiByteToWideChar
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetModuleFileNameW
GetCPInfo
lstrcpynW
GetOEMCP
GetStdHandle
GetACP
WriteFile
TlsGetValue
IsBadWritePtr
FreeEnvironmentStringsW
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LCMapStringW
GetCommandLineA
GetTimeFormatA
WriteConsoleW
InterlockedExchange
HeapDestroy
GetVersionExA
GetFileType
TlsSetValue

advapi32

CryptDuplicateKey
RegCreateKeyExW
InitiateSystemShutdownA
RegRestoreKeyW
RegOpenKeyW
CryptImportKey
LookupPrivilegeValueA
CryptReleaseContext

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5be87afedec1b6386a9da0c65b768d20

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 112KB - Virtual size: 111KB

.data Size: 137KB - Virtual size: 162KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 112KB - Virtual size: 111KB

.data
Size: 137KB - Virtual size: 162KB

.rsrc
Size: 3KB - Virtual size: 3KB