8b65f359c1e1319554fa0cbd67adaa58

General

Target

8b65f359c1e1319554fa0cbd67adaa58
Size

43KB
MD5

8b65f359c1e1319554fa0cbd67adaa58
SHA1

69b29138ad02741d7d4bebdd2155f2b77b83d371
SHA256

46f81eef1d8f9fb34415576aa41f798b860e12d808fcd9566e05af53407c59d4
SHA512

02062daaa0b642ffca58511180228e37679f339aa0b9f01203339b51f9636151cfcd7552d19ad5bc56a0da7a664f7de0f956c85355e1fb069ddf697e43cce6b8
SSDEEP

768:21ZneX/94LYbkS11dwupgLa117K14FRDy2ZRS6eD4c:oZBLBS1bR2Lat9y23bev

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b65f359c1e1319554fa0cbd67adaa58

Files

8b65f359c1e1319554fa0cbd67adaa58
.exe windows:4 windows x86 arch:x86

e06214c7b24fb62999be2cab98433ec7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
CreateFileA
GetFileAttributesA
CreateDirectoryA
GetSystemDirectoryA
lstrlenA
ReadFile
OutputDebugStringA
DeleteFileA
GetVersionExA
Sleep
Process32Next
Process32First
CreateToolhelp32Snapshot
ExitThread
TerminateThread
WaitForMultipleObjects
GetModuleFileNameA
GetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileAttributesW
GetFileAttributesW
CloseHandle
WriteFile
SetFilePointer
LoadLibraryA
GetProcAddress
CreateEventW
ResetEvent
FindClose
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleA
GetCommandLineA
CreateEventA
SetEvent
CreateThread
WaitForSingleObject
CreateProcessA
CompareStringA
SizeofResource
LoadResource
FindResourceA
lstrcmpA

user32

PeekMessageA
wsprintfA
DestroyWindow
CloseWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
CreateWindowExA
ShowOwnedPopups

advapi32

RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegNotifyChangeKeyValue
RegEnumKeyA
RegCloseKey
RegDeleteKeyW

wininet

InternetGetConnectedState

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e06214c7b24fb62999be2cab98433ec7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

iphlpapi

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 668B

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 668B

.rsrc
Size: 7KB - Virtual size: 7KB