293178bffa66fd519b4a33492344a03d

General

Target

293178bffa66fd519b4a33492344a03d
Size

64KB
MD5

293178bffa66fd519b4a33492344a03d
SHA1

cc4efa0f65c7a23c88281e1b354648feff4a7188
SHA256

f34e7e8533ba668ee17c51299df695b1ba71e383b4a3575027b7f1d9fbd918dc
SHA512

7dfdd7fd57d41c40c5057dc15c84f8a9fef060f797842cdeda0ce1806c51accdd58b218316c24847d455c56e7df643b874ef45f942332a80753a082a5ddbd73f
SSDEEP

768:7aND5oKh4khWgoQ9lTvUNsE92tt7LYoQ3E38sdXzxn81XgX/GPiLu/T7GTm:7aND5oqxlTv8se0B8oQ0FX4XgX/G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
293178bffa66fd519b4a33492344a03d

Files

293178bffa66fd519b4a33492344a03d
.exe windows:4 windows x86 arch:x86

55873f17ac2256abaa272787bc7c2ccf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrTrimA

kernel32

Sleep
GlobalAlloc
GetVersionExA
GetModuleFileNameA
TerminateProcess
GetExitCodeProcess
SetProcessPriorityBoost
ExitThread
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetSystemDirectoryA
GetTickCount
SetThreadPriority
GetStartupInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapFree
GetLastError
CreateThread
GetCurrentThreadId
TlsSetValue
HeapAlloc
ExitProcess
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetModuleHandleA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TlsAlloc
SetLastError
TlsGetValue
UnhandledExceptionFilter
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
GetCPInfo

shell32

ShellExecuteExA
SHChangeNotify
ShellExecuteA

rasapi32

RasEnumDevicesA
RasEnumConnectionsA
RasGetEntryPropertiesA
RasHangUpA
RasSetEntryPropertiesA
RasDialA
RasGetErrorStringA
RasDeleteEntryA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55873f17ac2256abaa272787bc7c2ccf

Headers

File Characteristics

Imports

shlwapi

kernel32

shell32

rasapi32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 28KB - Virtual size: 27KB