a34c65619fe1ab5e9c30ac211b1d6bf2

General

Target

a34c65619fe1ab5e9c30ac211b1d6bf2
Size

162KB
MD5

a34c65619fe1ab5e9c30ac211b1d6bf2
SHA1

1b0f0c945d7989f463d2bd015679b905f4c13c37
SHA256

0c8b2f6fe654f85fb757c7cb42a68959f78b0864c5f95cb6fb93292d3093f5bb
SHA512

91483c3c81e093cb402f4a99653b08a060770fcbb828ad0ee4d7046128ed0bfe4663b6dfff1e114d2d1cb2e4ecacae938432532ced23866b6c31e33ff01b0311
SSDEEP

3072:VG/nrefWuB0db1tyI3VRVRU5wdcjCGnu2omYyCeCJ:VynSe91gI3VRMAufomYyCR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a34c65619fe1ab5e9c30ac211b1d6bf2

Files

a34c65619fe1ab5e9c30ac211b1d6bf2
.exe windows:4 windows x86 arch:x86

58a49bc7fc2308f40f82892ef7cececf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory
WTSQuerySessionInformationW
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

kernel32

HeapReAlloc
CloseHandle
HeapAlloc
HeapFree
InterlockedCompareExchange
InterlockedExchange
CreateFileW
GetEnvironmentVariableA
WriteFile
GetSystemTimeAsFileTime
GetCurrentThreadId
UnhandledExceptionFilter
GetCurrentProcessId
IsDebuggerPresent
QueryPerformanceCounter
SystemTimeToFileTime
GetTickCount
SetUnhandledExceptionFilter
GetCurrentProcess
Sleep
GetThreadLocale
EnumResourceTypesW
LoadLibraryExW
TerminateProcess
GetACP
LoadLibraryW
LZOpenFileA
WideCharToMultiByte
LocalAlloc
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapDestroy
GetStdHandle
GetProcessHeap
MultiByteToWideChar
lstrlenW
HeapSize
RaiseException
GetSystemTime
lstrlenA
GetLocaleInfoA
CreateProcessA
lstrcpynW

oleacc

LresultFromObject
AccessibleObjectFromEvent

msimg32

TransparentBlt

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58a49bc7fc2308f40f82892ef7cececf

Headers

File Characteristics

Imports

wtsapi32

kernel32

oleacc

msimg32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 2KB - Virtual size: 405KB

.data Size: 118KB - Virtual size: 118KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 2KB - Virtual size: 405KB

.data
Size: 118KB - Virtual size: 118KB

.rsrc
Size: 512B - Virtual size: 4KB