acf6cb4754494d3896933873b2868702

General

Target

acf6cb4754494d3896933873b2868702
Size

453KB
MD5

acf6cb4754494d3896933873b2868702
SHA1

242f1eebdd4854af3d8c00de9464c5fa98536440
SHA256

acbee3649a57d2c4db00a16698822869fc5667eec5159322049e2f1894c415b1
SHA512

a79888f185a7e1f4a8a160e76be111c89fccefc986bdc02d271e201e3d98a83671cc2007eada46ba874a8d7d371d5876296361e3f842283622da137317323066
SSDEEP

12288:LntlDmFxDEop2Rkuash7LXja5en3kD1ugdHHjhZ7XY3:7t9mFx5ph9sh7LTa5E3kD0YHjPXY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acf6cb4754494d3896933873b2868702

Files

acf6cb4754494d3896933873b2868702
.exe windows:4 windows x86 arch:x86

41147e46231ec71b81f9dc69a60cd09f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
TlsFree
TerminateProcess
TlsAlloc
GetCommandLineW
SetLastError
lstrcmpA
GetCurrentThreadId
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessAffinityMask
InitializeCriticalSection
CreateEventW
SetEnvironmentVariableW
InterlockedExchange
ReadConsoleOutputAttribute
GetFileType
ExitProcess
SetHandleCount
GetCommandLineA
GetLogicalDrives
GetProcAddress
DeleteCriticalSection
GetModuleHandleA
GetVersion
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetModuleFileNameW
VirtualFree
LeaveCriticalSection
MultiByteToWideChar
GetEnvironmentStringsW
GetStdHandle
HeapAlloc
GetModuleFileNameA
EnumResourceLanguagesW
RtlUnwind
GetCurrentProcess
WriteFile
HeapReAlloc
ResetEvent
HeapCreate
RemoveDirectoryW
GetLogicalDriveStringsA
EnumSystemLocalesA
VirtualAlloc
GetStartupInfoW
GetTickCount
TlsGetValue
VirtualQuery
CreateFileW
LoadLibraryA
EnterCriticalSection
FreeEnvironmentStringsW
GetStartupInfoA
GetCurrentThread
GetEnvironmentStrings
WideCharToMultiByte
LocalFree
HeapFree
OpenMutexW
GetPrivateProfileStringA
QueryPerformanceCounter
TlsSetValue
IsBadWritePtr
GetLastError
HeapDestroy

comdlg32

FindTextW
GetSaveFileNameA

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41147e46231ec71b81f9dc69a60cd09f

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 3KB - Virtual size: 20KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 3KB - Virtual size: 20KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 6KB - Virtual size: 6KB