58ea19884c39e3e001d60b2c2d03568f

General

Target

58ea19884c39e3e001d60b2c2d03568f
Size

178KB
MD5

58ea19884c39e3e001d60b2c2d03568f
SHA1

f73de97f519f07c303f0b3c53f813bc4a9ca1f41
SHA256

8b9497dabfec50d17684843e40bd5ac8905d674e4aa3d2e7de0dcaeb9818fcbf
SHA512

d18d758ba4445819bf932f4f5e451218fd3ea48394d7aed96ab66db7b02fddc76cf15c42f40ae5e6291a3a776d1545b58619459fc6adfa827f312da492984fe5
SSDEEP

3072:aeNnPwsoJAqVkEamFpOfMRIxdG/G16aztDH5SuIPTIflQz:rnPPREabmC6C1I/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58ea19884c39e3e001d60b2c2d03568f

Files

58ea19884c39e3e001d60b2c2d03568f
.exe windows:4 windows x86 arch:x86

16d11bf84cbd7dfb240799c37edc5334

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
CloseHandle
SetUnhandledExceptionFilter
InitializeCriticalSection
GetCurrentProcessId
GetShortPathNameW
GetTickCount
WideCharToMultiByte
DeleteCriticalSection
GetSystemTimeAsFileTime
LocalFree
CreateFileA
lstrlenW
InterlockedIncrement
GetProcessTimes
GetThreadLocale
UnhandledExceptionFilter
GetACP
EnterCriticalSection
EnumResourceTypesA
InterlockedExchange
GetLastError
GetProcAddress
GetCurrentThreadId
lstrlenA
MultiByteToWideChar
GetFileAttributesA
IsBadReadPtr
LoadLibraryA
IsBadWritePtr
LeaveCriticalSection
GetLocaleInfoA
ExitProcess
QueryPerformanceCounter
IsDebuggerPresent
InterlockedDecrement
GetModuleHandleA
GetVersionExA

ole32

StgCreateDocfile
StgOpenStorage

user32

wsprintfA
wsprintfW

shell32

SHGetSpecialFolderPathA

advapi32

RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA
RegCloseKey
RegSetValueExA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16d11bf84cbd7dfb240799c37edc5334

Headers

File Characteristics

Imports

kernel32

ole32

user32

shell32

advapi32

setupapi

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 72KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 248KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 72KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 248KB