a3cb94ac7f5dc37f2f6bacc687f1bf1a

General

Target

a3cb94ac7f5dc37f2f6bacc687f1bf1a
Size

84KB
MD5

a3cb94ac7f5dc37f2f6bacc687f1bf1a
SHA1

2551394bbb2f5fb0151e4037853a8d86826e5170
SHA256

eb0f5ac6d1722ccda2e6abc86c1108ca26d8958de142dbe4032a2fd4f4842fe7
SHA512

63691ff6b60af8c9767445c02804d25fc9d674d2f04d6fea079a89108550454e61b52303e5e9e3b6be1a0f3c17692344d879de99553bf202cf4bec44e0fe031d
SSDEEP

1536:627oCetuKSiMaIv/sjz65T6sm8SRU/p3fn8qhV:627oRuFTv0jzAJL/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3cb94ac7f5dc37f2f6bacc687f1bf1a

Files

a3cb94ac7f5dc37f2f6bacc687f1bf1a
.dll windows:4 windows x86 arch:x86

f1adee08777146117bbaa1006fe96e77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lz32

LZClose
LZCopy
LZOpenFileA

kernel32

FindFirstFileA
GetDriveTypeA
GetLogicalDrives
FormatMessageA
GetLastError
CopyFileA
FindNextFileA
FindClose
LoadLibraryA
SetEndOfFile
SetFileAttributesA
GetProcAddress
HeapCreate
GetStringTypeW
GetStringTypeA
HeapFree
HeapAlloc
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetFullPathNameA
ExitProcess
TerminateProcess
GetCurrentProcess
DeleteFileA
InterlockedDecrement
InterlockedIncrement
CreateDirectoryA
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
GetFileAttributesA
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
WriteFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
FlushFileBuffers
CreateFileA
GetCPInfo
GetACP
GetOEMCP
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

Get_Version
main
version

Sections

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1adee08777146117bbaa1006fe96e77

Headers

File Characteristics

Imports

lz32

kernel32

advapi32

Exports

Exports

Sections

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 74KB - Virtual size: 86KB

.reloc Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 74KB - Virtual size: 86KB

.reloc
Size: 4KB - Virtual size: 4KB