57a903eb88f32a8c586f45900b558deb

General

Target

57a903eb88f32a8c586f45900b558deb
Size

52KB
MD5

57a903eb88f32a8c586f45900b558deb
SHA1

19a0709dc55062eaaae0420e492f584bca1a9cc0
SHA256

8660d12cf5567b96e237cd3af914456b594d1256dff0b44469caf2be148505b0
SHA512

ca3260468c13cd6bc292e0daaf1e570f229c449edaadea51e20168df57368f71fddcae467d0adccdf520556643c805eb5ecc76481cf068b44746a454038d5856
SSDEEP

768:oWNAEKukvr7WYEQze0w38hybtfBOtNQywaZXo9YEX8u:6+kvr7WYEm+ZbtfkjXhdoaLu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57a903eb88f32a8c586f45900b558deb

Files

57a903eb88f32a8c586f45900b558deb
.dll windows:4 windows x86 arch:x86

27b1fd826dc04fc119ed6db3fd94a470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
VirtualFree
GetSystemInfo
GetSystemTimeAsFileTime
SetErrorMode
GetProcAddress
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
lstrcmpiA
GetCommandLineA
VirtualAlloc
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
RtlUnwind

user32

GetForegroundWindow
GetSystemMetrics

advapi32

RegCloseKey
RegOpenKeyExW

Exports

Exports

DeleteExtractedFiles
DllGetVersion
Extract
FCIAddFile
FCICreate
FCIDestroy
FCIFlushFolder
GetDllVersion
baReadCfg
slModuleInit
slModuleRegisterClassObjects

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27b1fd826dc04fc119ed6db3fd94a470

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB