ab6489f677f5d19ceec63ae5a01b4fc4

General

Target

ab6489f677f5d19ceec63ae5a01b4fc4
Size

168KB
MD5

ab6489f677f5d19ceec63ae5a01b4fc4
SHA1

20db35a6be486c57b858a970e8c31de480ea8172
SHA256

9e206e0df704eaacd49e36e28e13512e47319a0b20d64018226b1548c65aea5d
SHA512

ee0b031502acefcaab03e0c297c6f590bbd094958afb674f1b1523b5bfb50fc8a296687138dc317e6c87d9bd5059b1168f9e06dbe4f3d03290e8ddb3da91df7c
SSDEEP

3072:VqCS2qmStd2MciEeNyxZIq0QjHmcDleeuT/OY23+Ab6MCiKFAayD94iUCT2ReRGP:V9S27wFEx+JQjGGeeo923vRX+ABqFCTB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab6489f677f5d19ceec63ae5a01b4fc4

Files

ab6489f677f5d19ceec63ae5a01b4fc4
.exe windows:4 windows x86 arch:x86

eb37267fc5ea881b4b3974dc7449094e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
SetFilePointer
GetSystemTimeAsFileTime
SetFileAttributesA
AddAtomW
WaitForSingleObject
lstrlenA
GetSystemTime
Sleep
GetCurrentThreadId
VirtualAlloc
LocalAlloc
GetVersionExA
VirtualFree
CreateMutexA
GlobalFree
GetLastError
ReadFile
InterlockedDecrement
MultiByteToWideChar
GetTempPathA
GetFileSize
GetModuleFileNameW
EnumResourceNamesA
GetModuleFileNameA
DeleteCriticalSection
DisableThreadLibraryCalls
CopyFileA
GetCurrentProcessId
InitializeCriticalSection
GetVolumeInformationA
InterlockedIncrement
WideCharToMultiByte
GlobalLock
CloseHandle
FindResourceA
DeviceIoControl
ReleaseMutex
CreateFileA
CreateFileW
GetFileAttributesA
QueryPerformanceCounter
LocalFree
DeleteFileA
GlobalUnlock
GetTempFileNameA
GetTickCount
FreeLibrary

lz32

LZClose
LZCopy
LZOpenFileA

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegDeleteKeyA
RegCloseKey

Sections

.text
Size: 89KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb37267fc5ea881b4b3974dc7449094e

Headers

File Characteristics

Imports

kernel32

lz32

setupapi

advapi32

Sections

.text Size: 89KB - Virtual size: 484KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 76KB - Virtual size: 75KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 89KB - Virtual size: 484KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 512B - Virtual size: 4KB