596d7cbbab62e9f45cecc69948487de6

General

Target

596d7cbbab62e9f45cecc69948487de6
Size

16KB
MD5

596d7cbbab62e9f45cecc69948487de6
SHA1

8e021bdb1e5f6a19ff5b3c81d026f74af9baa98f
SHA256

49a2d9630a76cd16a285b6ae200bd57cb45215a6c703337ccd670d6fbb188841
SHA512

6efec22d9978b3bdeb9990b7e1154dd591f362a5bf52b7d98ae6107194c1c4c8dd09aebefe305c4a1be9e68491edb498853527907356397e28deaa113b42a040
SSDEEP

384:UJq3L50kOG/aNGimCsU+U2a4rPG4WxAMQ61i6c:LqNGRlU+xa4r/8AMQ8E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
596d7cbbab62e9f45cecc69948487de6

Files

596d7cbbab62e9f45cecc69948487de6
.exe windows:4 windows x86 arch:x86

cf3e729916c73166a06763660df97aa2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
CloseHandle
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
lstrcatA
GetSystemDirectoryA
HeapFree
GetProcAddress
HeapAlloc
GetProcessHeap
GetLastError
DeleteFileA
SetFileAttributesA
MoveFileA
FreeResource
lstrlenA
WriteFile
SizeofResource
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
CreateFileA
LoadResource
FindResourceA
GetTickCount
GetTempPathA
lstrcpyA
SetLastError
GetFileAttributesA
ReadFile
SetFilePointer
GetModuleFileNameA
SetUnhandledExceptionFilter
ReleaseMutex
CreateMutexA
GetCommandLineA
CreateThread
LoadLibraryA
GetCurrentThreadId
GetStartupInfoA
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary

msvcrt

malloc
strlen
__CxxFrameHandler
??3@YAXPAX@Z
strstr
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
realloc
strchr
memcpy
??2@YAPAXI@Z
_except_handler3
memset
_strrev

Exports

Exports

LGLELDGB
LKEGLDBE

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1008B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf3e729916c73166a06763660df97aa2

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.rsrc Size: 1008B - Virtual size: 1000B

.text
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1008B - Virtual size: 1000B