b5934a866ba15bd5e5d4d9e1043216ce

General

Target

b5934a866ba15bd5e5d4d9e1043216ce
Size

88KB
MD5

b5934a866ba15bd5e5d4d9e1043216ce
SHA1

a3101798a6827c2e45642c08ad43b6b924f57e00
SHA256

323b6abc123c49fcecaa62f766cb50569fa4c2592efa227ba2ec9f7f725214b3
SHA512

968e1e2c38c80fe4375d454c3f506484d0e7e4ebe0ccbbbe984171bb9d52bb0b7457c03015a85307b50967e3eeb38f50d6c5be416621b8e74642e1ec2ce2eaa2
SSDEEP

1536:gsRDLBMXps/70tkzWL0lStFPIHERN2WhDYin7eDtyyxgU:LLII70+io8QAjYByyxg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5934a866ba15bd5e5d4d9e1043216ce

Files

b5934a866ba15bd5e5d4d9e1043216ce
.exe windows:4 windows x86 arch:x86

64ef870b19a6abf646b40e305e3b98ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
FindNextFileA
FindClose
TerminateProcess
GetLastError
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
IsBadWritePtr
IsBadReadPtr
HeapValidate
CloseHandle
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
ExitProcess
WritePrivateProfileStringA
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree
VirtualAlloc
SetStdHandle
FlushFileBuffers
SetConsoleCtrlHandler
CreateFileA
GetStringTypeA
GetStringTypeW
SetFilePointer
SetEndOfFile
ReadFile

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64ef870b19a6abf646b40e305e3b98ec

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 15KB - Virtual size: 23KB

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 15KB - Virtual size: 23KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB