a1725e4d8d93d16376f612f49af72abc

Sharing

Copy URL Twitter E-mail

General

Target

a1725e4d8d93d16376f612f49af72abc
Size

144KB
MD5

a1725e4d8d93d16376f612f49af72abc
SHA1

ad80d4a488b33a71ea1e244ca6c7226cb57e2f8f
SHA256

eff663f5115b212f664916498dbc4c99fe89cef56365bb25335d714de9caa3ed
SHA512

64aa907a5fcdd9e72ae24c6e44a271fab8e5f0d8da5948af9d60f6f76e0d3cb03f4dbc04f2fb5d003f9c4796acb65f4f6bde67447b5e2b56d9f0ad9f8c4ada6f
SSDEEP

3072:F6ekSu4kHycuk1IGAW1VtuN5f86cP1eZGpQxRrEzT0B7QFtaYaV5:7uDSct1rAWtGcP1UqURr2W0FtaZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1725e4d8d93d16376f612f49af72abc

Files

a1725e4d8d93d16376f612f49af72abc
.exe windows:5 windows x86 arch:x86

a78be54d393af24e7d003e6a780c8880

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPriorityClass
TermsrvAppInstallMode
SetConsoleWindowInfo
ReadFile
GetLogicalDriveStringsA
GlobalMemoryStatusEx
GetDiskFreeSpaceW
WriteFile
GetStartupInfoA
FreeLibrary
InterlockedExchange
ExitProcess
CreateProcessW
CreateFileMappingA
SearchPathW
FreeEnvironmentStringsW
VirtualQuery
LCMapStringA
HeapAlloc
CreateProcessA
CompareFileTime
GetTempPathA
GetCurrentDirectoryW
LocalFree
GetCommandLineA
SetFilePointer
SetComputerNameA
CreateFiber
OpenThread
SetInformationJobObject
SetLastError
GetVersionExA
GetProcessHeap
GetProcessHeap
CreateFileW
SearchPathA
GetShortPathNameW
CreateFileA
GetTempFileNameW
HeapReAlloc
GetThreadLocale
GetFileSize
ReleaseSemaphore
CreateTimerQueue
GetStringTypeW
LCMapStringW
GetProcAddress
GetLongPathNameW
FormatMessageA
GetTempPathW
MapViewOfFile
GetStringTypeA
DeviceIoControl
HeapFree
RaiseException
CloseHandle

ole32

CoQueryClientBlanket
OleBuildVersion
CoLockObjectExternal
CreateDataAdviseHolder

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHGetMalloc
SHGetFileInfoA
SHFileOperationA
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation

advapi32

RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegEnumValueA
RegCreateKeyExA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mzbct
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 132KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a78be54d393af24e7d003e6a780c8880

Headers

File Characteristics

Imports

kernel32

ole32

version

shell32

advapi32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 9KB

.mzbct Size: 3KB - Virtual size: 3KB

.edata Size: 132KB - Virtual size: 151KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 9KB

.mzbct
Size: 3KB - Virtual size: 3KB

.edata
Size: 132KB - Virtual size: 151KB