a280e84f0802856e28c7658981b326db

General

Target

a280e84f0802856e28c7658981b326db
Size

171KB
MD5

a280e84f0802856e28c7658981b326db
SHA1

3a3d51f8961f87c947835bd5a5003bb71c770cb0
SHA256

689698f56ebfec1e10a75c8df41c5d47a437faa315255efa0845d8c3a77f92ee
SHA512

e8803294df1c5f2c2445fb2a87c37138c47fd81ad96035a60b133dac0865f17ea82b4afca92d6a04fcbe723e7f3b9e0566bc2ba782424ca32eebac26bf27c5fb
SSDEEP

3072:QRFIaMPMFHnaWna+kEhA8m34Td6V6IOFTvbglFSZCVSph+DmrLUjb8IQ6J:SFIaXZhaAyvoxvbgeQUWSMcIQ6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a280e84f0802856e28c7658981b326db

Files

a280e84f0802856e28c7658981b326db
.exe windows:5 windows x86 arch:x86

c325f831701de01549fb83788e822f33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

dswave.pdb

Imports

msvcrt

memmove
_purecall
free
wcstombs
__CxxFrameHandler
??2@YAPAXI@Z
_initterm
malloc
_adjust_fdiv
??3@YAXPAX@Z

kernel32

IsSystemResumeAutomatic
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetProcAddress
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
DisableThreadLibraryCalls
GetConsoleOutputCP
DeleteCriticalSection
GlobalFree
LoadLibraryA
GetLastError
GetConsoleCP
SetLastError
GetVersion
GlobalAlloc
GetUserDefaultLCID
GetSystemDefaultLCID
GetUserDefaultLangID
FreeEnvironmentStringsA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId

advapi32

RegEnumKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA

msacm32

acmStreamPrepareHeader
acmStreamConvert
acmStreamSize
acmStreamUnprepareHeader
acmStreamClose
acmFormatSuggest
acmStreamOpen

ole32

StringFromCLSID
CoTaskMemFree

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c325f831701de01549fb83788e822f33

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

advapi32

msacm32

ole32

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 152KB - Virtual size: 360KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 152KB - Virtual size: 360KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB