3def8ac836a398eceb9d2923a44d7dc5

General

Target

3def8ac836a398eceb9d2923a44d7dc5
Size

632KB
MD5

3def8ac836a398eceb9d2923a44d7dc5
SHA1

9b14b37a7ee157f42fbc2219f98a482d39988ac4
SHA256

49ee7aad13f2ace5970ab7a0d0c2ee8dfa4a1650fc5a7f22bac6948ac83259dd
SHA512

e98a45c93222428fe5df4365b9d8e4779dc55baaaf9da49e592d54e373736a18d08f76ee29ef9e43da0c380f09da4b3effb68dc916ae3ffc84873b1024f73eb5
SSDEEP

12288:9IgNM9CAoDGECU/JtbnuLgOdZNzEsnbCTQFUrcm7RNqni39e:9Z69+4U/VOXVnbbvmrqz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3def8ac836a398eceb9d2923a44d7dc5

Files

3def8ac836a398eceb9d2923a44d7dc5
.exe windows:4 windows x86 arch:x86

d113d1dbfcac2c9ae90c20ef45b76c23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
FindResourceA
GetModuleHandleA
GetTempPathA
CreateProcessA
GetModuleFileNameA
LoadResource
SetFileAttributesA
DeleteFileA
ExitProcess
GetStringTypeW
GetStringTypeA
LockResource
WriteFile
GetVersionExA
CreateFileA
WinExec
CloseHandle
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
GetLastError
SetFilePointer
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
FlushFileBuffers

user32

CharLowerA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
GetUserNameA
RegCreateKeyA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 588KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d113d1dbfcac2c9ae90c20ef45b76c23

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 588KB - Virtual size: 584KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 588KB - Virtual size: 584KB