88d97cdbc980307aa5017ae5200f146e

General

Target

88d97cdbc980307aa5017ae5200f146e
Size

22KB
MD5

88d97cdbc980307aa5017ae5200f146e
SHA1

23802309176ca743c19f971f5a1a8b9db4d49061
SHA256

863a7dc57229da40dff85e9082a90bfa459af66f8df17b36ba0a4a1e75e666fe
SHA512

2ce2ddc5833a9d72e5912566d4a2ab5de4f5717baececd6af0355994f0604570eb8041e364cd16c777dc15826dd9b94d74c57d0eeb9e6da4958b5dee1c325bf9
SSDEEP

384:46300Kob3It6ass0rwgifxfJRKfxwgH19OlVUKLhzS1esZjKupeuFt+o5:4k401wgAfEPH3OsKLhzSpdUeT5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88d97cdbc980307aa5017ae5200f146e

Files

88d97cdbc980307aa5017ae5200f146e
.exe windows:5 windows x86 arch:x86

fda659127cdfb89adb6b94cbc6ea923c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetLastError
GetModuleHandleA
InterlockedIncrement
GetTickCount
LockResource
SetUnhandledExceptionFilter
MultiByteToWideChar
LoadLibraryA
GetCurrentThreadId
GetCurrentProcessId
LoadResource
WideCharToMultiByte
SizeofResource
CloseHandle
TerminateProcess
DeleteCriticalSection
Sleep
ExitProcess
EndUpdateResourceA
UnhandledExceptionFilter
InitializeCriticalSection
SetLastError
GetProcAddress
WriteFile
QueryPerformanceCounter
FreeLibrary
GetSystemTimeAsFileTime
FindResourceA
EnterCriticalSection
VirtualAlloc
InterlockedDecrement
LocalFree
GetCurrentProcess

shell32

DragFinish
IsLFNDrive
SHCoCreateInstance
Shell_GetImageLists
DragAcceptFiles
DuplicateIcon

Sections

.textbss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fda659127cdfb89adb6b94cbc6ea923c

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.textbss Size: - Virtual size: 12KB

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 10KB

.rsrc Size: 2KB - Virtual size: 2KB

.debug Size: 4KB - Virtual size: 4KB

.textbss
Size: - Virtual size: 12KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 2KB - Virtual size: 2KB

.debug
Size: 4KB - Virtual size: 4KB