3f91149881e6ae164bf9a760199c5a54

Sharing

Copy URL

Twitter E-mail

General

Target

3f91149881e6ae164bf9a760199c5a54
Size

64KB
MD5

3f91149881e6ae164bf9a760199c5a54
SHA1

48f31ba3507c50b47c4bab007df05c3943b9f157
SHA256

2fdb7b684741b9d71b06affe2c984fefe639839ba72b4ff0fd47f79d0be81d98
SHA512

f2c193abc6269b35c973a56e72bbacd1c51cb16011319f77e92e8114c308bc17f250f95db634b34332fe874eb56f5afb391f433e1eb5dca9a08916a9def13d60
SSDEEP

768:06q4/TNm4BVPquPXfcZhlqEBVUI0pDUwFBEBktHk:06JbNmiVP/8B/UI0Fj6q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f91149881e6ae164bf9a760199c5a54

Files

3f91149881e6ae164bf9a760199c5a54
.exe windows:5 windows x86 arch:x86

96e57b0adb17aafa51d1dcb22d0c91b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStartupInfoW
GetProcAddress
LoadLibraryA
GetProcessHeap
VirtualAlloc

advapi32

RegOpenKeyA
RegCloseKey

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti7
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oti6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96e57b0adb17aafa51d1dcb22d0c91b1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 512B - Virtual size: 216B

.oti1 Size: 4KB - Virtual size: 3KB

.oti5 Size: 4KB - Virtual size: 3KB

.oti2 Size: 4KB - Virtual size: 3KB

.oti7 Size: 4KB - Virtual size: 3KB

.oti3 Size: 4KB - Virtual size: 3KB

.oti4 Size: 4KB - Virtual size: 3KB

.oti6 Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 446B

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 512B - Virtual size: 216B

.oti1
Size: 4KB - Virtual size: 3KB

.oti5
Size: 4KB - Virtual size: 3KB

.oti2
Size: 4KB - Virtual size: 3KB

.oti7
Size: 4KB - Virtual size: 3KB

.oti3
Size: 4KB - Virtual size: 3KB

.oti4
Size: 4KB - Virtual size: 3KB

.oti6
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 446B