a456a169281615f6bd64d3bfe164f60c

General

Target

a456a169281615f6bd64d3bfe164f60c
Size

182KB
MD5

a456a169281615f6bd64d3bfe164f60c
SHA1

93715d2967242a7a61c9edef2ce007f175b6e13c
SHA256

bdce07ead9479855ed0b81588d321c5b56715bdc9f9e9a3a766b14b06c0753bc
SHA512

6ef891da28845fbdbb728619383a8b2a4bd326cc7c324ed7ca0628e60b27ca1166ff9e8ae81f6fd301fb0112ee0277b94f7de18dfbe2f3f87bf802b34de2ec59
SSDEEP

3072:8u6rQrDS5lOTxBaxH0YWyQI1gDX9Xt44XXKmS70TYVv1xOWMuxFY8pnW/s0:8ueQrDwlaax0VrScQg1hYVPKeq8VW/s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a456a169281615f6bd64d3bfe164f60c

Files

a456a169281615f6bd64d3bfe164f60c
.exe windows:4 windows x86 arch:x86

a4466e79e913e995187d1af5d7968b06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VerLanguageNameW
CreateFiber
GetVersionExW
LockFile
CompareStringW
LocalAlloc
GetSystemTime
TerminateProcess
GetProfileStringW
GetFileTime
FileTimeToLocalFileTime
EnumResourceNamesA
GetFileAttributesA
SetEndOfFile
FlushFileBuffers
UnlockFile
FlushFileBuffers
GetVolumeInformationW
FindResourceExA
IsDBCSLeadByte
GetFileType
FileTimeToSystemTime
SearchPathW
GetUserDefaultLangID
GetSystemDirectoryW

rpcrt4

NdrClientCall
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringFreeA

comctl32

ImageList_Create
ImageList_DrawEx
ImageList_Add
ImageList_GetIconSize
ImageList_Destroy

comdlg32

GetFileTitleA

user32

CallNextHookEx
DrawEdge
RealGetWindowClass
RegisterClassW
ClipCursor
ChildWindowFromPoint
EmptyClipboard
DestroyIcon
SetWindowPos
UnhookWindowsHookEx
SetScrollRange
SetClipboardData
DefWindowProcW
SetWindowsHookExW
DestroyCursor
WinHelpW
GetSysColorBrush
ToAscii
IsClipboardFormatAvailable
GetSysColor

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4466e79e913e995187d1af5d7968b06

Headers

File Characteristics

Imports

kernel32

rpcrt4

comctl32

comdlg32

user32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 22KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 80KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 22KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 80KB