04aa3ccd9f0960df58ade078b45fc9f0deafce1edf4c014be0eceb950670ebea

Sharing

Copy URL

Twitter E-mail

General

Target

04aa3ccd9f0960df58ade078b45fc9f0deafce1edf4c014be0eceb950670ebea
Size

1.4MB
MD5

77b7889db83492a6878ff693227ca5f0
SHA1

b583275ab1849e61d69b6a5db57b2856806113cd
SHA256

04aa3ccd9f0960df58ade078b45fc9f0deafce1edf4c014be0eceb950670ebea
SHA512

b7702569094c318bcb6d7de81d758b5152aec4fd509341f3403c2c27df843ed6dc1e9071235e4ac1265dea943d372570c35f767dd18aa3aac6f4354a905541c1
SSDEEP

12288:iZc4h6OChH0pZhxRPbvjqOe4xPVC1N2qfhOPkaXjRgjkBou6ca1YD2YGta6YxVC2:iZpwOCxWxRPbLrRPE5hO5XLiuLGJC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04aa3ccd9f0960df58ade078b45fc9f0deafce1edf4c014be0eceb950670ebea

Files

04aa3ccd9f0960df58ade078b45fc9f0deafce1edf4c014be0eceb950670ebea
.exe windows:4 windows x86 arch:x86

fd25b7196368ba1db7177a29372e2997

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
CreateEventA
CloseHandle
WaitForSingleObject
ResetEvent
lstrcpyA
Sleep
SetEvent
InterlockedExchange
CancelIo
WriteFile
SetFilePointer
CreateFileA
GetFileSize
ReadFile
GetWindowsDirectoryA
GetFileAttributesA
CreateProcessA
lstrlenA
TerminateThread
lstrcatA
GetTickCount
GetLastError
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetDiskFreeSpaceExA
GetDriveTypeA
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
GetModuleFileNameA
ExitProcess
DeleteFileA
CreateDirectoryA
GetLocalTime
OpenEventA
WinExec
ExpandEnvironmentStringsA
GetCurrentThreadId
CopyFileA
MoveFileA
GetSystemTime
HeapAlloc
GetProcessHeap
VirtualProtect
IsBadReadPtr
HeapFree
FreeLibrary
lstrcmpiA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
SuspendThread
FreeResource
LoadResource
FindResourceA
LockResource
GlobalFree
GlobalUnlock
GetModuleHandleA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
SetThreadPriority
GetThreadPriority
ResumeThread
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
SetLastError
MulDiv
lstrcpynA
LocalFree
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
GetProcessVersion
IsBadStringPtrW
IsBadStringPtrA
IsBadWritePtr
FileTimeToSystemTime
FileTimeToLocalFileTime
GetProfileIntA
SizeofResource
GetCPInfo
GetOEMCP
SetErrorMode
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
GetTempFileNameA
SetFileTime
GetFileTime
GetDiskFreeSpaceA
FormatMessageA
FindResourceExA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileAttributesA
RtlUnwind
HeapValidate
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
TerminateProcess
RaiseException
DebugBreak
GetStdHandle
OutputDebugStringA
GetACP
GetTimeZoneInformation
FatalAppExitA
HeapReAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd25b7196368ba1db7177a29372e2997

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 147KB - Virtual size: 164KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 52KB - Virtual size: 51KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 147KB - Virtual size: 164KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 52KB - Virtual size: 51KB