b71d7fa1e29715f5cc4570597fca459e

General

Target

b71d7fa1e29715f5cc4570597fca459e
Size

140KB
MD5

b71d7fa1e29715f5cc4570597fca459e
SHA1

1e7062b616f5a84ab61184d51dd538fc139d7cb8
SHA256

6b52d07bb458ebf42e94bc457f572914da6a6c66c1ca2820f779807b869556ea
SHA512

fa1f10cf92bd700d573ee9f4463c76b4d395b5ae526ab7dec79e26f96106cd73ec34b8d7c222be3682b7ec16759d36e4d9b1789147a0a0919372ab94a341c4d3
SSDEEP

1536:p3JibokR/VUXQEMIOjdMsPevbfn/AlY708HvE9HfQFmsbLRALhhgUXTW4Yjk:dXQE3DsGTolX8P8HfQAsbuLvYo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b71d7fa1e29715f5cc4570597fca459e

Files

b71d7fa1e29715f5cc4570597fca459e
.exe windows:4 windows x86 arch:x86

75ee4f6bfe31a433338bd06d66b94331

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamA

psapi

GetModuleFileNameExA

kernel32

GetCurrentProcessId
SetStdHandle
HeapSize
GetStringTypeW
FreeResource
HeapAlloc
GetProcessHeap
HeapFree
GetLastError
GetTickCount
GetThreadContext
GetCurrentThread
CloseHandle
ReadFile
GetFileSize
CreateFileA
LoadLibraryA
GetModuleHandleA
VirtualAlloc
GetProcAddress
IsBadReadPtr
VirtualProtect
VirtualFree
CreateThread
CreateProcessA
GetStartupInfoA
GetCurrentProcess
GetCommandLineA
WriteProcessMemory
VirtualAllocEx
SetThreadContext
ResumeThread
ExitProcess
GetVersionExA
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
IsBadWritePtr
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
FlushFileBuffers
SetFilePointer
GetLocaleInfoA
GetSystemInfo
GetStringTypeA

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75ee4f6bfe31a433338bd06d66b94331

Headers

File Characteristics

Imports

user32

psapi

kernel32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 72KB - Virtual size: 69KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 72KB - Virtual size: 69KB

.reloc
Size: 4KB - Virtual size: 2KB