a08680137e1f6147b1605b4a6710e64a

General

Target

a08680137e1f6147b1605b4a6710e64a
Size

77KB
MD5

a08680137e1f6147b1605b4a6710e64a
SHA1

ab446d47d55f8b74bd72f16becf871dbd79a676e
SHA256

9f7cb90c3ae49eb4548bc2fcaba52fef7d7e0fcffc87c26fc8090d3e3904d6fa
SHA512

b079ec0e84acf82c12082f89841af1648a1d5e4ff53ad0d8cc9b9fbde597a2a9dabdb0766b71213f376882d446324c62d6708b4edd336221be8f23db9012fb6e
SSDEEP

192:kIMDR9K1kfJKjaQx+AXhoWfeBt/gojiZR1eZsWXutJL6cyrXUDX0oB:EfwkhKjz63JyReZcygDH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a08680137e1f6147b1605b4a6710e64a

Files

a08680137e1f6147b1605b4a6710e64a
.exe windows:4 windows x86 arch:x86

0d62b9f00770772c059db3ae4d8c7645

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringW
GetVersion
ExpandEnvironmentStringsW
GetStartupInfoW
GetAtomNameW
WaitForMultipleObjects
lstrcmpiA
IsBadWritePtr
GetProcAddress
ConnectNamedPipe
GetTimeFormatA
TerminateProcess
GetDateFormatW
GetLocalTime
GetFileAttributesA
GetLongPathNameA
lstrcmpiA
FormatMessageA
DeleteFileW
GetEnvironmentVariableA
lstrlen
GetFullPathNameW

user32

SendDlgItemMessageA
LoadCursorW
GetParent
SetDlgItemTextA
CharPrevA
DialogBoxParamW
IsWindow
GetSysColor
LoadCursorA
SetDlgItemTextW
DefWindowProcW
PostMessageW
KillTimer
CharNextW
CharPrevW
PeekMessageW
SetDlgItemTextA
SetWindowTextA
IsCharLowerA
GetSystemMetrics
GetClassInfoW
PostMessageA
SendDlgItemMessageW
GetDlgItem
DialogBoxParamA
SetWindowTextW
EndDialog
SetDlgItemInt
SetForegroundWindow
PostQuitMessage
PeekMessageA
GetWindowRect
DispatchMessageW
GetFocus
EndPaint
CharPrevExA
LoadIconA
DestroyWindow
GetDlgItemTextW

gdi32

GetBkMode
GetStretchBltMode
InvertRgn
GetObjectType
CreatePen
Ellipse
GetPath

advapi32

RegCloseKey
RegFlushKey
RegLoadKeyW

shell32

SHGetFolderLocation
SHGetDiskFreeSpaceExA
StrCpyNA
ExtractIconW
StrRStrIA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d62b9f00770772c059db3ae4d8c7645

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 2KB - Virtual size: 1KB