708847e85ecacd9868dd0cd8a237c1c1

General

Target

708847e85ecacd9868dd0cd8a237c1c1
Size

3.4MB
MD5

708847e85ecacd9868dd0cd8a237c1c1
SHA1

9784571adadc339e7c232a9db3c38cf938a4d8f3
SHA256

35db3206953cf163111035eb1576853ee0cac51e38620b6b1640330b75c01fbd
SHA512

c5596fe4d679728fce50f2deab24a895341e68bd4bf30bf41bd89cf23e8a028caf0dccaa08965df48d51cedc05dd722c8195178477f3cfff5a7692b0392b0ffe
SSDEEP

98304:z8a9jwqFNuW2VMQXJ12IBJrzetAu89ZheDVEjK00:b90qfuW2VMcJ4I7rSGuyLeDVEjM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
708847e85ecacd9868dd0cd8a237c1c1

Files

708847e85ecacd9868dd0cd8a237c1c1
.exe windows:4 windows x86 arch:x86

c54b1a0f5fc1cea8df78e3979cb7f784

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetProcAddress
CloseHandle
TerminateProcess
UnhandledExceptionFilter
Sleep
GetTickCount
FreeLibrary
SetLastError
LeaveCriticalSection
EnterCriticalSection
GetStdHandle
GetStartupInfoW
IsDebuggerPresent
GetCommandLineW
FindClose
GetACP
FormatMessageW
TlsGetValue
CreateEventW
TlsAlloc
HeapSize
LoadLibraryW
LoadLibraryExW
GetCPInfo
TlsFree
SetFilePointer
CompareStringW
GetStringTypeW
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetOEMCP
GetEnvironmentStringsW
FindNextFileW
IsValidCodePage
FindFirstFileW
VirtualAlloc
LocalAlloc
GetCommandLineA
DecodePointer
SetEndOfFile
GetFileSize
EncodePointer
GetModuleHandleExW
GetLocaleInfoW
CreateDirectoryW
GetFullPathNameW
UnmapViewOfFile

user32

LoadStringW
DispatchMessageW
DestroyWindow
ReleaseDC
DefWindowProcW
MessageBoxW
PostQuitMessage
SetWindowLongW
GetWindowLongW
GetDlgItem
GetDC
PostMessageW
SendMessageW
EnableWindow
IsWindow
LoadCursorW
EndDialog
SetWindowTextW
LoadIconW
GetSysColor
EndPaint
SetCursor
EnableMenuItem
GetWindow
GetWindowTextW
SystemParametersInfoW
MessageBoxA
ClientToScreen

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c54b1a0f5fc1cea8df78e3979cb7f784

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 6KB - Virtual size: 6KB

.idata Size: 2KB - Virtual size: 1KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data Size: - Virtual size: 612KB

.text
Size: 6KB - Virtual size: 6KB

.idata
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: - Virtual size: 612KB