991f3cd34e98ec2ff4e61522e78adeda

General

Target

991f3cd34e98ec2ff4e61522e78adeda
Size

3.4MB
MD5

991f3cd34e98ec2ff4e61522e78adeda
SHA1

44cdd5b1cce707cb2697026f9ec9e535313c8ba3
SHA256

1bf49e6603341d69c9b7c3639302d67f6e423e4ce0aa10f2ebd11ea99c3be631
SHA512

02a42df17914e93c9c681f3d8080c2dc5e29944c266b618db094746d913671d4cfb0c990a69355dabfbf12f660cfa006b30a81cf7106f1dee19f0f61897ac728
SSDEEP

98304:tIhE+bvf/5LTljPNUp1Ul/bz6ORVjyVUADzoXN581:2hE+pvUpiCa5yVUADzod

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
991f3cd34e98ec2ff4e61522e78adeda

Files

991f3cd34e98ec2ff4e61522e78adeda
.exe windows:4 windows x86 arch:x86

ddf29b4f472a4973c08916a555589da6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
QueryPerformanceCounter
WideCharToMultiByte
SetLastError
HeapFree
LocalFree
DeleteCriticalSection
ExitProcess
GetStdHandle
IsDebuggerPresent
GetCommandLineW
FindClose
RaiseException
SetEvent
GetACP
FormatMessageW
GetFileType
TlsGetValue
GetModuleHandleA
TlsSetValue
WriteConsoleW
RtlUnwind
GetOEMCP
FreeEnvironmentStringsW
IsValidCodePage
DeleteFileW
VirtualAlloc
DecodePointer
ResetEvent
GetVersionExW
CreateFileA
OutputDebugStringW
EncodePointer
VirtualFree
lstrlenW
GetModuleHandleExW
GetFullPathNameW
UnmapViewOfFile
ExpandEnvironmentStringsW
CreateProcessW

user32

TranslateMessage
DispatchMessageW
DestroyWindow
DefWindowProcW
SetWindowLongW
GetDC
GetWindowRect
PostMessageW
SendMessageW
GetClientRect
EnableWindow
EndDialog
SetTimer
LoadIconW
SetFocus
BeginPaint
SetCursor
KillTimer
InvalidateRect
GetWindowTextW
CharUpperW
ClientToScreen

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddf29b4f472a4973c08916a555589da6

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: - Virtual size: 612KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.idata
Size: 2KB - Virtual size: 1KB