a139f8ad1f7b9e08138ff996fda674cb

General

Target

a139f8ad1f7b9e08138ff996fda674cb
Size

195KB
MD5

a139f8ad1f7b9e08138ff996fda674cb
SHA1

a6d25ea0aa2c5f68ebf06a2a791aa9011bf9bceb
SHA256

3a018696fe4964ad72fc95c9577070892fd57ee2ebed91b0e52979e63683587d
SHA512

5869a9d4b481d13ae76cdb94fc7ceca55329bcd9da75a642b4607111898a054523f6017cfb77329c98d520fe0a4d32b926d034a93b4c8c06e008fa939f66e2b9
SSDEEP

6144:JohbvijXyXhypxrzMs4Xa7TDrSTomKxCwMlnzmn:OlvijXyRCxrqqrrSTNKINnS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a139f8ad1f7b9e08138ff996fda674cb

Files

a139f8ad1f7b9e08138ff996fda674cb
.exe windows:4 windows x86 arch:x86

cb4ac86d48b095b3d06deaf0dd90fb4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
SetFilePointer
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
GetLastError
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
MultiByteToWideChar
HeapAlloc
WriteFile
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
CloseHandle

shlwapi

PathMatchSpecW
StrTrimW
PathFindNextComponentA
UrlCompareA
PathGetCharTypeW
UrlGetLocationA
StrToIntW
UrlCreateFromPathW
PathRemoveFileSpecA
PathIsPrefixA
StrStrW
UrlIsW
PathRemoveBlanksA
UrlCanonicalizeA
SHSetValueA
StrRChrW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb4ac86d48b095b3d06deaf0dd90fb4c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 113KB - Virtual size: 112KB

.data Size: 31KB - Virtual size: 245KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 113KB - Virtual size: 112KB

.data
Size: 31KB - Virtual size: 245KB

.rsrc
Size: 2KB - Virtual size: 2KB