b89a4140ca889add1402484dddab7dbb

General

Target

b89a4140ca889add1402484dddab7dbb
Size

164KB
MD5

b89a4140ca889add1402484dddab7dbb
SHA1

0d58621c7c11264a62dfc73e2359046b03ffa4b5
SHA256

877d01bfa109ec6e7c0676cc5b68c912256f4ac9e4249fc85de4d7e722069bd3
SHA512

1c66e9997cd70863361e29721b996288e8ba064547e03ef5477d734c020b1529d850f8d84fc0c5dcdbe8697049c9c063a346e877b9ef18ac44669bdb368db6e9
SSDEEP

3072:LjPTL9T4dH9sbCoEu2ZNn5CmEhIAsdxn6sM0TZMl9VJdzh5vaBAzQCKE:HPHkdsbGV5CmEhIAsdxn6sM0TZMl9VJN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b89a4140ca889add1402484dddab7dbb

Files

b89a4140ca889add1402484dddab7dbb
.exe windows:4 windows x86 arch:x86

38b64beb823baa72b4be1c8cfd9667b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
CopyFileA
FindClose
FindNextFileA
GetModuleHandleA
MultiByteToWideChar
GetStringTypeW
GetModuleFileNameA
CloseHandle
MoveFileA
GetCurrentDirectoryA
CreateDirectoryA
Sleep
FindFirstFileA
DeleteFileA
GetStringTypeA
LCMapStringW
LCMapStringA
SetEndOfFile
ReadFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
HeapAlloc
GetLastError
WriteFile
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
SetFilePointer
FlushFileBuffers
SetStdHandle
CreateFileA
IsBadReadPtr

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

38b64beb823baa72b4be1c8cfd9667b3

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

wininet

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 76KB - Virtual size: 82KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 76KB - Virtual size: 82KB