abaa48e6dc7a2addff6e46d1431b045c

General

Target

abaa48e6dc7a2addff6e46d1431b045c
Size

149KB
MD5

abaa48e6dc7a2addff6e46d1431b045c
SHA1

7497168102d620104ca247a0449d26103f60ba5a
SHA256

3b293eab90a630a8402796ce37d25619c0a3eae129c8b099b72bfcf8dc5f9f17
SHA512

43d4491d37923fbf3d958ed67e8fda0b696cf632b91c5f015baa5e59e001fcecd1d7305451402c66edc4ea29330bed07427e5f1abc9318faa2ada1a9e4839f66
SSDEEP

3072:dhYEjO/x5GoPt3ffv0wf6gNLUxJkic1wX2gyj1M:Tl25VFnvVfTtUzfc1wXnYM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abaa48e6dc7a2addff6e46d1431b045c

Files

abaa48e6dc7a2addff6e46d1431b045c
.exe windows:4 windows x86 arch:x86

c52e51088ea519de8cc6992767d212ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA
GetModuleFileNameA
DeleteFileA
MultiByteToWideChar
lstrlenA
GetProcAddress
LoadLibraryA
WinExec
Sleep
CreateFileA
CreateMutexA
lstrcatA
GetWindowsDirectoryA
GetLocalTime
GetPrivateProfileStringA
SetFileAttributesA
GetSystemDirectoryA
CopyFileA
lstrcpyA
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
WriteFile
CloseHandle
GetLastError
FreeResource
GetACP
GetCPInfo
IsBadCodePtr
GetStringTypeW
IsBadReadPtr
SetUnhandledExceptionFilter
SetEndOfFile
SetStdHandle
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy

user32

DispatchMessageA
GetMessageA
SetTimer
PostMessageA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

shlwapi

PathFileExistsA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c52e51088ea519de8cc6992767d212ea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 108KB - Virtual size: 108KB