7c548c3af4cc4a2e75150ea24dd1ff61

General

Target

7c548c3af4cc4a2e75150ea24dd1ff61
Size

143KB
MD5

7c548c3af4cc4a2e75150ea24dd1ff61
SHA1

6b74e1515333cf6c897beb4adf848570e7e5d1fb
SHA256

a83a5f94300c4b3998d5ae56f64847182bbe21bd5f47182df27c749a0be14dd3
SHA512

2e636d3db3d6e24054b4af330974541c678b56d3d567a0e355dff8b392288e9e2d191861894cb595a25f5b696c43c4aea798ff80eb50c4e3c2c64764f1acba27
SSDEEP

3072:vybUZobYO5o13uBYvNVsbAcsDPch6cPSUZBfy0:vyweYuW32YvrEyrgGUBl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c548c3af4cc4a2e75150ea24dd1ff61

Files

7c548c3af4cc4a2e75150ea24dd1ff61
.exe windows:4 windows x86 arch:x86

9cab4f308621596c4155b5d7cd6042a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateProcessA
CreateThread
DisableThreadLibraryCalls
EnumSystemLocalesA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindResourceA
FreeEnvironmentStringsA
FreeLibrary
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetLocalTime
GetModuleFileNameA
GetOEMCP
GetProcessHeap
GetStdHandle
GetTimeFormatA
GetVersionExA
GetWindowsDirectoryA
HeapAlloc
HeapDestroy
InterlockedCompareExchange
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
MultiByteToWideChar
OpenEventA
OutputDebugStringA
QueryPerformanceCounter
ReadFile
RemoveDirectoryA
RtlUnwind
SetFileTime
SetLastError
SetStdHandle
Sleep
SuspendThread
TlsFree
UnhandledExceptionFilter
VirtualAlloc
WideCharToMultiByte
WriteConsoleA
WriteFile
lstrcmpA

user32

DialogBoxParamA
IntersectRect
IsIconic
MapWindowPoints
MessageBoxA
SystemParametersInfoA

advapi32

AllocateAndInitializeSid
CloseServiceHandle
FreeSid
QueryServiceConfig2A
QueryServiceStatus
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 49KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cab4f308621596c4155b5d7cd6042a3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 81KB - Virtual size: 81KB

.DATA Size: 49KB - Virtual size: 176KB

.data Size: 6KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 81KB - Virtual size: 81KB

.DATA
Size: 49KB - Virtual size: 176KB

.data
Size: 6KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 2KB