39e74964bfb69579d9a31f84d893db59

General

Target

39e74964bfb69579d9a31f84d893db59
Size

69KB
MD5

39e74964bfb69579d9a31f84d893db59
SHA1

834c54588cc0f1a9ad17351fddc2b8126f524c4e
SHA256

d19a4f5182dbd2afd5c4417efede1ccc67b95f6535416339f10096f449ad81e2
SHA512

8756172ec0f74b793dda5f86b96a66b2357a497f102b0517fc839a7c0b827605f057856c1b4393bfc6d176f71a518dfedc005144c25cbb1dba22915676139c09
SSDEEP

768:0eGZ7pXszDhvm8D5aPMoIsyIdItKWz2EkRq7aJ9XmCHuPZHXyOSNTvvP/ZEItn1w:YZOwE5aDIcl4Kq7ankH8d3Rt1i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39e74964bfb69579d9a31f84d893db59

Files

39e74964bfb69579d9a31f84d893db59
.exe windows:4 windows x86 arch:x86

3559ec8e41bb4045ae46ef4330c3f17a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CloseHandle
DeviceIoControl
CreateFileW
GetSystemDirectoryA
GetVolumeInformationA
GetWindowsDirectoryA
ExitProcess
TerminateProcess
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
IsBadWritePtr
GetComputerNameA
WriteFile
lstrlenA
GetVersionExA
GetTempPathA
CreateProcessA

shell32

ShellExecuteExA
SHChangeNotify

msvcrt

rand
_except_handler3
atoi
sprintf
__CxxFrameHandler
_snprintf
srand
time
strncat
_strdup
??3@YAXPAX@Z
_itoa

msvcp60

?_Xlen@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3559ec8e41bb4045ae46ef4330c3f17a

Headers

File Characteristics

Imports

kernel32

shell32

msvcrt

msvcp60

wininet

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 58KB - Virtual size: 59KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 58KB - Virtual size: 59KB