a17cb742646eca0cda2c2ca2717f2291

General

Target

a17cb742646eca0cda2c2ca2717f2291
Size

3.4MB
MD5

a17cb742646eca0cda2c2ca2717f2291
SHA1

0edb9b7a15a3022d498af0ed70ecbebd76f5b8d7
SHA256

20a098e47573de7217cbdb8a31028f12b78ad35c13e7aced0c170e89e06ade3b
SHA512

d4112ee570ff999960e299a16d13dd0523ade141acbfe37818ae00f18ae9d9d51ef0066f371cd4a23c0852c31ac076b783d2519068cb259f0bd512e273991926
SSDEEP

98304:AYj0Cl9mClg2NibKJ9/7iWH/7Nl/jIvrvCmYqCod7:ATw9mkNiQlj7Ixn/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a17cb742646eca0cda2c2ca2717f2291

Files

a17cb742646eca0cda2c2ca2717f2291
.exe windows:4 windows x86 arch:x86

faaa55c9c5a2b64c8a38969b0a505193

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentThreadId
GetCurrentProcess
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CloseHandle
TerminateProcess
Sleep
FreeLibrary
WideCharToMultiByte
HeapFree
LocalFree
LeaveCriticalSection
WaitForSingleObject
GetProcessHeap
CreateFileW
GetStartupInfoW
IsDebuggerPresent
ReadFile
RaiseException
SetEvent
GetACP
TlsGetValue
GetModuleHandleA
TlsSetValue
HeapSetInformation
WriteConsoleW
CreateThread
SetFilePointer
CompareStringW
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
SetStdHandle
FreeEnvironmentStringsW
FindFirstFileW
GetConsoleCP
LocalAlloc
SetEndOfFile
ReleaseMutex
GetFileSize
lstrlenW
GetModuleHandleExW
GetLocaleInfoW
GetFullPathNameW
LoadResource
UnmapViewOfFile
ExpandEnvironmentStringsW
CreateProcessW

user32

LoadStringW
ShowWindow
DestroyWindow
ReleaseDC
GetWindowLongW
GetSystemMetrics
GetDC
GetWindowRect
SendMessageW
SetWindowPos
EnableWindow
IsWindow
EndDialog
SetTimer
LoadIconW
SetFocus
SetForegroundWindow
BeginPaint
RegisterClassW
GetWindow
GetWindowTextW
UpdateWindow
SystemParametersInfoW
CharUpperW

Sections

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

faaa55c9c5a2b64c8a38969b0a505193

Headers

File Characteristics

Imports

kernel32

user32

Sections

.data Size: - Virtual size: 612KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.text Size: 6KB - Virtual size: 6KB

.idata Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 612KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.text
Size: 6KB - Virtual size: 6KB

.idata
Size: 2KB - Virtual size: 1KB