8a00a0ab960016842baa8757d6526b79

General

Target

8a00a0ab960016842baa8757d6526b79
Size

10KB
MD5

8a00a0ab960016842baa8757d6526b79
SHA1

7f12bb47183a4815f94844f1c312ef8795ef39aa
SHA256

3187f56ae536f5d5dada7c84fa553486b8b95bf38b5e5076ebb9c977e1003906
SHA512

ecbf27e1dcdb60427e1fb43e2f2ff764f0fd41a961c68bed3908f5801f31a3da25a1076c5fd1fced8c4b4a01e359b9f7688263c19d40e6b4ef495b8c7207a740
SSDEEP

192:+0Ug/N1nWw4fmBe45uqCeWM5jwhVyc2pqD1yutlCG:+0Ug/WwM8Meh5jwhIcT1y3G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a00a0ab960016842baa8757d6526b79

Files

8a00a0ab960016842baa8757d6526b79
.exe windows:4 windows x86 arch:x86

5105c767fe659b70c21da29037c0da76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoExA
ExitProcess
FindClose
FreeConsole
GetEnvironmentStrings
GetFullPathNameA
GetTempFileNameA
HeapAlloc
LoadLibraryA
LocalFlags
LockFile
WaitForMultipleObjects
lstrcatW

advapi32

CryptDecrypt
CryptEnumProviderTypesA
CryptVerifySignatureA
GetEffectiveRightsFromAclW
GetMultipleTrusteeOperationW
GetPrivateObjectSecurity
GetSecurityDescriptorOwner
GetServiceDisplayNameA
ImpersonateNamedPipeClient
ImpersonateSelf
InitializeSid
LockServiceDatabase
LookupAccountNameA
MapGenericMask
ObjectPrivilegeAuditAlarmW
RegCreateKeyW
RegFlushKey
SetEntriesInAclA
SetPrivateObjectSecurity
SetSecurityInfo

user32

DdeGetData
DeleteMenu
FindWindowW
GetDCEx
GetWindowTextLengthW
LoadAcceleratorsA
OpenDesktopA
RegisterWindowMessageW
ReplyMessage
SetMenuItemBitmaps
SetPropA
UnlockWindowStation
WINNLSEnableIME

gdi32

BeginPath
CreateICW
EndPage
ExtCreatePen
FixBrushOrgEx
GdiGetBatchLimit
GdiPlayJournal
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GetMetaFileBitsEx
GetMetaFileW
GetPixelFormat
GetTextMetricsW
PolyTextOutW
SetDeviceGammaRamp
SetMapperFlags
SetROP2
SetWindowExtEx
StretchDIBits

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5105c767fe659b70c21da29037c0da76

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 12KB

.data Size: 7KB - Virtual size: 16KB

.idata Size: 1024B - Virtual size: 16KB

.text
Size: 512B - Virtual size: 12KB

.data
Size: 7KB - Virtual size: 16KB

.idata
Size: 1024B - Virtual size: 16KB