a18027f32e09ff15ca2d8c9b2b08fe5a

General

Target

a18027f32e09ff15ca2d8c9b2b08fe5a
Size

276KB
MD5

a18027f32e09ff15ca2d8c9b2b08fe5a
SHA1

ca46336e11f7b4ab0084b75d8e97846a861fb5a3
SHA256

24cef688453c017edd67e4f4a16a5620903e92bac980dd9834083b61e192d441
SHA512

8ffce0f1aea045909bd5b5a8c67114086f712e3ea882411ef745eda98c22ed08030553edb53e34ad739bc6f008d7bdc4ccca4e04e3642d307a01f9861868b382
SSDEEP

6144:B5tQHc9Q+Qi3P2G7NnkafkjPLICn8jwaRDump2DEndL5enw/Pf/G:BrG+Qi3P2ykzjIr2EnBcUnG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a18027f32e09ff15ca2d8c9b2b08fe5a

Files

a18027f32e09ff15ca2d8c9b2b08fe5a
.exe windows:4 windows x86 arch:x86

a0e793e8e5a75c36ade5652e2be30134

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
_ismbblead
exit
__getmainargs
_cexit
_acmdln
memset
__p__fmode
__set_app_type
_XcptFilter
?terminate@@YAXXZ
_exit
__setusermatherr
_amsg_exit
_vsnprintf
_vsnwprintf
_initterm
_controlfp

kernel32

AddAtomW
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapFree
GetStdHandle
SetUnhandledExceptionFilter
CloseHandle
GetComputerNameA
GetVersion
TlsAlloc
GetProcessHeap
DeviceIoControl
TerminateProcess
GlobalMemoryStatus
GetFileType
SetLastError
TlsGetValue
TlsSetValue
EnumResourceNamesA
GetLocalTime
GetTickCount
GetCurrentProcessId
GetCommandLineA
GetModuleFileNameA
GetCurrentProcess
GetCurrentThread
RaiseException
OutputDebugStringW
GetStartupInfoA
GetVersionExA
GetModuleHandleW
GetDiskFreeSpaceA
SetHandleCount
TlsFree
HeapAlloc
RtlUnwind
InterlockedExchange

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0e793e8e5a75c36ade5652e2be30134

Headers

File Characteristics

Imports

msvcrt

kernel32

setupapi

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 131KB - Virtual size: 131KB

.reloc Size: 1024B - Virtual size: 392KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 131KB - Virtual size: 131KB

.reloc
Size: 1024B - Virtual size: 392KB