b95e6168c04c331ff46d283d6c81577a

General

Target

b95e6168c04c331ff46d283d6c81577a
Size

48KB
MD5

b95e6168c04c331ff46d283d6c81577a
SHA1

6ed59e90a0ff653e4ab254a99182814c8d481ae7
SHA256

898286fc5c699a49f0ca888b6e7004990298af4715c63a0b18454815affc0ba2
SHA512

3d553b36e912f8d5aa9185f69777366bc7f9d3c244ad6aa70e3c474e0cdff0d0d39b0ae0f3aaee46a67b15300fab4ce3987731063933b20bb776bb6bc3b42cfd
SSDEEP

1536:kBPmMHcRStcT7Ua1mDPWdSgZqaJ/wyqHn:c7HcwyPU5rgZ5J/qHn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b95e6168c04c331ff46d283d6c81577a

Files

b95e6168c04c331ff46d283d6c81577a
.exe windows:4 windows x86 arch:x86

35c2295b61de5cab69c64f13f95e42ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
CreateFileA
GetStringTypeW
lstrcatA
SetHandleCount
lstrcpynA
GetACP
LCMapStringA
WriteFile
TerminateProcess
GetCurrentProcess
LCMapStringW
GetStringTypeA
GetOEMCP
GetVersion
GetCPInfo
MultiByteToWideChar
SetFilePointer
GetCommandLineA
GetModuleFileNameA
GetStdHandle
lstrcpyA
GetFileType
lstrcpynW

user32

CopyRect
DrawIcon
DrawIconEx
IsMenu
DrawTextW
GetFocus
InsertMenuA
CopyImage
IsWindow
GetMenu
CloseWindow
CopyIcon
GetWindowTextA
LoadCursorA
GetDlgItem
CreateIcon
EndDialog
GetCursor
DrawTextA
DialogBoxParamA
LoadMenuA
GetDC
GetWindowTextLengthA
DialogBoxParamW

comctl32

MenuHelp
InitCommonControls
DrawStatusText
ImageList_DragEnter
ImageList_GetIcon
ImageList_EndDrag
ImageList_GetIconSize
DllGetVersion
ImageList_Create
CreateToolbar

advapi32

RegEnumKeyW
RegSetValueW
RegCreateKeyExW
RegEnumKeyExA
RegQueryValueExW
RegEnumValueA
RegDeleteKeyW
RegQueryValueExA
RegQueryValueA
RegDeleteValueW

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 16.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35c2295b61de5cab69c64f13f95e42ff

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 42KB - Virtual size: 16.6MB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 42KB - Virtual size: 16.6MB