Static task: static1
Behavioral task: behavioral1 (Sample: b50db1a2d24854ecc83ecbb5dd441de3.exe, Resource: win7-20240221-en)
Behavioral task: behavioral2 (Sample: b50db1a2d24854ecc83ecbb5dd441de3.exe, Resource: win10v2004-20240226-en)
General
Target: b50db1a2d24854ecc83ecbb5dd441de3
Size: 52KB
MD5: b50db1a2d24854ecc83ecbb5dd441de3
SHA1: 77f843d14ab368bb5e4fe8e1d161dca98850f4fd
SHA256: ab0ec526efc214c9c6c9c0136de6c918fbd819cae89c0e07d9b17f89941416a2
SHA512: a14a1240c700e1b40d207d18b12a92ba34d32e1ee4613374e8fbe55dd934c772eff7f44c415de5a665f22635e15cbfc77d7cda3fe1e9349b8a518703765f5110
SSDEEP: 768:5qwKrNusbmsYJ8AQ6XorgbfJECG5WtqVTsqYHlZ:5NVsUbYrkREzMAVCl
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: b50db1a2d24854ecc83ecbb5dd441de3
Files
b50db1a2d24854ecc83ecbb5dd441de3.exe windows:4 windows x86 arch:x86
e00aac282b5b82e4ed1e7dbf55b6dead
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
CreateFileA
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrcatA
lstrcpynA
GetTempFileNameA
CloseHandle
GetSystemDirectoryA
lstrcpyA
CompareStringW
CompareStringA
LoadLibraryA
GetProcAddress
DeleteFileA
Sleep
lstrlenA
GetProcessHeap
HeapAlloc
GetVersionExA
GetTempPathA
HeapFree
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetEnvironmentVariableA
user32
TranslateMessage
LoadStringA
CharNextA
GetMessageA
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumValueA
shell32
ShellExecuteA
wininet
InternetReadFile
HttpQueryInfoA
InternetSetOptionA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
setupapi
SetupIterateCabinetA
Sections
.text Size: 32KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE