aa563e556f178f4da9d93255311f34d0

General

Target

aa563e556f178f4da9d93255311f34d0
Size

588KB
MD5

aa563e556f178f4da9d93255311f34d0
SHA1

3f042c9b427a2594ecf4084c2f74e4c6ff13f9ee
SHA256

442d25ab2a611206a520a1fdb83a9646e55639ded6a3082f8c23c53eafd34f82
SHA512

6e7bf26d94fdf5d6a1416544fbdecf47c3972b8ccf95108ee3af9d80453577b901f5f747350cf0cc3fba83767fe6bce840235ea78ce6b04ce43b0a0852285ba6
SSDEEP

12288:BREg/tpEPVkJeDkevHsjtmBYLVVuPDOHe3HCv2LI1DChgy/H/xOTrHmG:BR/taPVkJeDxu1LVVuPwe3HC+E1Dfy/t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa563e556f178f4da9d93255311f34d0

Files

aa563e556f178f4da9d93255311f34d0
.exe windows:4 windows x86 arch:x86

f82dff3369c32667d97504a96ba39acc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
GetStockObject
SetTextColor
DeleteObject

kernel32

LeaveCriticalSection
SetLastError
GetFileSize
InterlockedIncrement
GetCurrentThreadId
WriteConsoleW
Sleep
InterlockedDecrement
FindClose
CreateEventA
CreateFileW
FindResourceW
GetEnvironmentVariableA
VirtualAlloc
SetUnhandledExceptionFilter
GetModuleFileNameA
TerminateProcess
LocalFree
GetOEMCP
SetEnvironmentVariableA
GetProcAddress
HeapReAlloc
FindNextFileA
GetSystemTimeAsFileTime
ResetEvent
WriteFile
CreateFileA
FormatMessageA
ReadFile
MapViewOfFile
WideCharToMultiByte
RaiseException
SetStdHandle
GetConsoleCP
IsBadReadPtr
CloseHandle
GetCommandLineA
HeapSize
LoadLibraryExW
UnhandledExceptionFilter
CreateThread
CreateDirectoryA
GetCurrentProcessId
GetFileType
FileTimeToLocalFileTime
LoadLibraryA
lstrcmpiW
GlobalUnlock
GetVersionExA
HeapAlloc
FreeLibrary
WaitForSingleObject
lstrlenA
HeapFree
GetLastError
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
TlsSetValue
TlsAlloc
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 528KB - Virtual size: 526KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f82dff3369c32667d97504a96ba39acc

Headers

File Characteristics

Imports

gdi32

kernel32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 528KB - Virtual size: 526KB

.data Size: 32KB - Virtual size: 32KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 528KB - Virtual size: 526KB

.data
Size: 32KB - Virtual size: 32KB