249ed4d0401873946916d834df884da3

General

Target

249ed4d0401873946916d834df884da3
Size

275KB
MD5

249ed4d0401873946916d834df884da3
SHA1

252ee518bbf7a4aeba27a47a742d2bc4b42c09f1
SHA256

73e7c1799b42da5f6189a86dba47fc48e285f7282812ff6bbbe8b85fd138b78e
SHA512

371b90fe641e5350351bea129bde7f42be017ccc3f0865a4ae9466c9b1ac0affd706d93159eb312f366ff0fbc432d0cc373853c46432304f99bbdc504698d254
SSDEEP

6144:o6nOPmHRfZ0YJ4Qoz4ediFTg5FHhc7/WjNu+xTekKxDn5qd2vY:oBopU7dixOH67/Wjd96n5CmY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
249ed4d0401873946916d834df884da3

Files

249ed4d0401873946916d834df884da3
.exe windows:4 windows x86 arch:x86

18176ae309532366ffb3a952fce76811

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
FatalExit
DeleteFileA
GetCommandLineA
GetPriorityClass
OpenFileMappingA
ExitThread
GetCPInfo
FindAtomW
FlushFileBuffers
GetStdHandle
DeleteFileW
FindAtomA
GlobalFree
ExitProcess
GetFileTime
FreeResource
CopyFileA
CreateDirectoryA
CopyFileA
GetCPInfo
WriteFile
GetFileTime
DeleteAtom
FatalExit
AddAtomW
GetPriorityClass
DeleteFileA
GetFileType
FreeResource
GetStdHandle
FlushFileBuffers
GetLocalTime
DeleteAtom
GetLastError
ExitThread
AddAtomW
OpenFileMappingA
FindClose
GetCommandLineA
GetFileTime
FatalExit
FlushFileBuffers
GetFileType
DeleteFileW
CopyFileA
FindAtomW
CopyFileExW
ReadFile
GlobalFree
WriteFile
CopyFileExA
GetLastError
GetCommandLineA
DeleteAtom
OpenFileMappingA
CopyFileA
AddAtomW
FlushFileBuffers
AddAtomW
CopyFileA
DeleteFileW
FindClose
FindAtomW
OpenFileMappingA
GetCPInfo
AddAtomA
CopyFileExW
GetFileTime
WriteFile
FindAtomA
GetStdHandle
GetLastError

user32

AppendMenuW
IsWindow
GetFocus
DialogBoxParamW
GetWindowTextA
DrawIconEx
AlignRects
BeginPaint
GetDC
GetMenu
CopyIcon
AppendMenuA
DialogBoxParamA
InsertMenuA
CloseWindow
GetCursor
GetDlgItem

advapi32

RegQueryValueA
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyExW
RegCreateKeyExW
RegEnumValueA
RegCreateKeyW
RegReplaceKeyA
RegDeleteKeyA
RegEnumKeyW
RegEnumValueW
RegOpenKeyExA

Sections

.itext
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 234KB - Virtual size: 614KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18176ae309532366ffb3a952fce76811

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.itext Size: 29KB - Virtual size: 29KB

.data Size: 6KB - Virtual size: 6KB

.init Size: 234KB - Virtual size: 614KB

.idata Size: 4KB - Virtual size: 3KB

.itext
Size: 29KB - Virtual size: 29KB

.data
Size: 6KB - Virtual size: 6KB

.init
Size: 234KB - Virtual size: 614KB

.idata
Size: 4KB - Virtual size: 3KB