576e45cc21e91126e6524d27e149e19f

General

Target

576e45cc21e91126e6524d27e149e19f
Size

2.9MB
MD5

576e45cc21e91126e6524d27e149e19f
SHA1

f4a61a67c5696c2db9afdc6296bbb8f1c933990d
SHA256

c1a1dff65e5ed6ad28b45ae1e784e75e1e0f43fa246e60bddbc947aed633fec7
SHA512

4a807e9defaf7fc527f49955250d64a62a1f3353347eaa58b91c9c607257fe184bffde50bcbcd769a95608240134c27fd7b9403eabf74e416e7adacaa84933e6
SSDEEP

24576:emWVWhgM9xvQ/2GwMmMNVOhSQvW3+ONtl7QIWy9wDwJnxEJpAiv:qWd9xvQulw/HNH73zh6p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
576e45cc21e91126e6524d27e149e19f

Files

576e45cc21e91126e6524d27e149e19f
.exe windows:5 windows x86 arch:x86

8dd66ecd8a568455ac95841eb7dccd13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptEncodeObjectEx
CryptEncodeObject
CryptFindOIDInfo
CryptEnumOIDInfo
CryptMsgUpdate
CertOpenStore
CertCloseStore
CertCreateCertificateContext
CertFreeCertificateContext
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertFreeCRLContext
CertAddCertificateContextToStore
CertFreeCTLContext
CertGetPublicKeyLength
CertVerifyTimeValidity
CryptHashPublicKeyInfo
CertGetNameStringW
CryptQueryObject
CertGetCertificateChain

kernel32

RtlUnwind
VirtualAlloc
HeapAlloc
HeapReAlloc
HeapFree
FreeEnvironmentStringsW
GetCurrentThreadId
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetFileType
FindClose
CloseHandle
LoadLibraryW
GetCommandLineW
CreateDirectoryW
FindFirstFileW
FindNextFileW
GetVersionExW
IsValidCodePage
GetACP
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoW
GetUserDefaultLCID
GetStringTypeW

secur32

InitializeSecurityContextW

Sections

.text
Size: 875KB - Virtual size: 874KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ehed
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dd66ecd8a568455ac95841eb7dccd13

Headers

File Characteristics

Imports

crypt32

kernel32

secur32

Sections

.text Size: 875KB - Virtual size: 874KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 64.1MB

.ehed Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 116KB - Virtual size: 116KB

.text
Size: 875KB - Virtual size: 874KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 64.1MB

.ehed
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 116KB - Virtual size: 116KB