522a426a0d50a0a1a9699b813d64ecce

General

Target

522a426a0d50a0a1a9699b813d64ecce
Size

193KB
MD5

522a426a0d50a0a1a9699b813d64ecce
SHA1

b9577fd79a769bade9d42235f3fe8d6872c24d39
SHA256

75e8e9a0b17cd039b4c150219e47527238f01668c9dbe06f422af0e5aba78696
SHA512

57c7e0cfaac1b42d4cde3c3e594b4228b339b93d6ea0330854c025e5e9f639331b5b8fb1e7d5ce87f8f295ab6773d624d0bfa24f0c5e07be401a2bc50e4c73aa
SSDEEP

6144:hQD2u4/rNDP5t9E6Q/oL4K6vo+Y1Grl8wHXB:hQCu4/rZ5t9/Q/Q4Y+/8w3B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
522a426a0d50a0a1a9699b813d64ecce

Files

522a426a0d50a0a1a9699b813d64ecce
.exe windows:4 windows x86 arch:x86

b9ca3e95545e2d5162fbab50ea19d994

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

QueryPerformanceCounter
GetCommandLineW
DeleteFileW
GetLocaleInfoW
CreateSemaphoreW
CreateFiberEx
GetLastError
FreeLibrary
TlsFree
GetProcessHeap
TerminateThread
InterlockedCompareExchange
WaitForSingleObject
GetProcAddress
TlsAlloc
GetCurrentProcess
LocalAlloc
EnumResourceNamesA
RaiseException
InterlockedExchange
GetStartupInfoA
Sleep
LoadLibraryW
ReleaseSemaphore
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
FlushFileBuffers
VirtualProtect
UnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleW
FoldStringW
IsDebuggerPresent
GetTickCount
TerminateProcess
CloseHandle
TlsGetValue
LoadLibraryA
GetModuleFileNameW

user32

UpdateWindow
IsZoomed
GetParent
IsWindow
SetWindowPlacement
LoadImageW
MapVirtualKeyW
SetWindowPos
ShowWindow
RealGetWindowClass
IsIconic
DestroyWindow
GetWindowPlacement
GetSystemMetrics
LoadIconW
SetForegroundWindow

msimg32

AlphaBlend

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9ca3e95545e2d5162fbab50ea19d994

Headers

File Characteristics

Imports

setupapi

kernel32

user32

msimg32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 17KB

.tls Size: 512B - Virtual size: 80KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 17KB

.tls
Size: 512B - Virtual size: 80KB