990d3791c89532bf1e4ef2d3927ec3bee53b82f78173b18e5575263fffc96473

General

Target

990d3791c89532bf1e4ef2d3927ec3bee53b82f78173b18e5575263fffc96473
Size

184KB
MD5

594065b997f901a6f6c011d30ffb9f24
SHA1

38ff1384831f4f13163d59a0bd775574fcf8b72d
SHA256

990d3791c89532bf1e4ef2d3927ec3bee53b82f78173b18e5575263fffc96473
SHA512

5c168c0b6e91b6765e6e08e25488e8752e39e629d5cce41b748dac29b9b1703530954440b5d524d6ff83d78ab6119a39ad1d6aa9c2aa9e123238e13a7c1c261a
SSDEEP

3072:eIH6lrqOrbq+hfkhu0dl+DpcaQF9O9/QhljmCg1kdYItK4UN:eIHGBm+hfkhuClMpcav/MmCKZIUZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
990d3791c89532bf1e4ef2d3927ec3bee53b82f78173b18e5575263fffc96473

Files

990d3791c89532bf1e4ef2d3927ec3bee53b82f78173b18e5575263fffc96473
.exe windows:4 windows x86 arch:x86

fb2d12da2d4c8af189e9cdf859fdef0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateWaitableTimerA
SetWaitableTimer
GetDateFormatA
GetTimeFormatA
lstrlenA
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualQueryEx
VirtualProtectEx
WriteProcessMemory
GetProcessHeap
CreateThread
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetModuleFileNameA
GetTickCount
ReadFile
GetFileSize
CreateFileA
GetLocalTime
WriteFile
LCMapStringA
Process32Next
CloseHandle
Process32First
CreateToolhelp32Snapshot
CreateEventA
ExitProcess
OpenEventA

user32

TranslateMessage
IsWindowVisible
FindWindowExA
GetMessageA
PeekMessageA
DispatchMessageA
wsprintfA
MessageBoxA
MsgWaitForMultipleObjects
OpenIcon
IsIconic
SetWindowPos
GetClassNameA
GetWindowTextLengthA
GetWindowThreadProcessId
IsWindow
GetWindowTextA

advapi32

CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptAcquireContextA
CryptCreateHash

ws2_32

send

oleaut32

VariantTimeToSystemTime

msvcrt

??3@YAXPAX@Z
malloc
_ftol
atoi
sprintf
_stricmp
free
strncmp
__CxxFrameHandler
memmove
modf

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb2d12da2d4c8af189e9cdf859fdef0d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

oleaut32

msvcrt

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 143KB - Virtual size: 191KB

.rsrc Size: 1024B - Virtual size: 596B

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 143KB - Virtual size: 191KB

.rsrc
Size: 1024B - Virtual size: 596B