484af0492f0bc4bacb34c58d2fcdb152

General

Target

484af0492f0bc4bacb34c58d2fcdb152
Size

257KB
MD5

484af0492f0bc4bacb34c58d2fcdb152
SHA1

1c9810eb1aa56c7f6ab27069f1c1f71ef1869079
SHA256

774a5ed23629ca0985c9001502b8a695f161bbaf68f293ce250737707bae2ea9
SHA512

e7fd517d9f892414fedad826c76c0638d7f6e81dd0ede2d020fa4d81461902abe5ec095528deca1f2a4444966faf5282fdba06a801f72e82de43b53c77509ace
SSDEEP

6144:OYoCEbryah41X2f2a8JbhKPol9I13viQr6Z/9gF2niw90J0F3lwY:OSIk1p3fU1fS9gIiw90J0FV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
484af0492f0bc4bacb34c58d2fcdb152

Files

484af0492f0bc4bacb34c58d2fcdb152
.exe windows:4 windows x86 arch:x86

70e77d6f396efb3649337063a15d4c32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
FreeEnvironmentStringsA
DeleteCriticalSection
EnterCriticalSection
RtlUnwind
SetLastError
WriteConsoleInputA
GetCurrentProcess
IsBadWritePtr
VirtualAlloc
WideCharToMultiByte
GetStringTypeA
HeapReAlloc
GetVersion
ReleaseMutex
GetStringTypeW
GetCurrentThread
InterlockedExchange
GetModuleFileNameA
GetFileType
MultiByteToWideChar
ExitProcess
GetStartupInfoA
LeaveCriticalSection
TlsGetValue
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
GetCommandLineA
VirtualFree
QueryPerformanceCounter
GlobalFindAtomW
WriteFile
SetHandleCount
VirtualQuery
GetCurrentThreadId
GetCPInfo
HeapAlloc
HeapDestroy
HeapFree
SetThreadLocale
TerminateProcess
GetCurrentProcessId
lstrcat
TlsAlloc
LCMapStringW
TransactNamedPipe
UnhandledExceptionFilter
GetACP
GetStdHandle
TlsFree
GetEnvironmentStringsW
GetProcAddress
HeapCreate
GetShortPathNameA
SetLocaleInfoA
GetModuleHandleA
GetComputerNameA
GetOEMCP
GetAtomNameW
GetEnvironmentStrings
InitializeCriticalSection
lstrcpy
WaitForSingleObject
FreeEnvironmentStringsW
TlsSetValue

advapi32

LookupAccountSidA
RegOpenKeyExA
CryptSetProviderA
RegReplaceKeyW
CryptEnumProviderTypesA
CryptDestroyHash
RegCreateKeyA

wininet

InternetGetCookieA
InternetSetOptionA
FtpRenameFileA

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70e77d6f396efb3649337063a15d4c32

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

Sections

.text Size: 120KB - Virtual size: 119KB

.data Size: 131KB - Virtual size: 131KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 119KB

.data
Size: 131KB - Virtual size: 131KB

.rsrc
Size: 5KB - Virtual size: 4KB