c0b1fb0d786268444563348795e07a7e

General

Target

c0b1fb0d786268444563348795e07a7e
Size

59KB
MD5

c0b1fb0d786268444563348795e07a7e
SHA1

b66147ce5466e40ac1e01707f2dd3c93f5922207
SHA256

42f00030793adeaab8c831deb7ac805fe89db55020b325b4f89c65d8e132de84
SHA512

d74ed6299315e10a45fb7cc7f34a32d063528077e54ebe841d16fc47c9356f0258c97b729e4f282267e926c6632482656c459045ad61309128148bfd464e24b6
SSDEEP

1536:pxIMybOGsvY9GGhBdkBaoEtWegJtyasZ:pyMybOGsAhB6aoEtTgJtsZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0b1fb0d786268444563348795e07a7e

Files

c0b1fb0d786268444563348795e07a7e
.exe windows:5 windows x86 arch:x86

b7fd77b08b31d812af0d3a81ef65b8d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\pavbld\private\av\test\tools\avstart\objfre\i386\AVStart.pdb

Imports

kernel32

CloseHandle
GetExitCodeProcess
WaitForSingleObject
GetLastError
CreateProcessW
SetErrorMode
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
GetProcAddress
GetModuleHandleA
RaiseException
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsAlloc
InterlockedIncrement
SetLastError
InterlockedDecrement
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleW
HeapDestroy
HeapCreate
VirtualFree
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
VirtualProtect
GetSystemInfo
SetStdHandle

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b7fd77b08b31d812af0d3a81ef65b8d5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 51KB - Virtual size: 50KB

.data Size: 5KB - Virtual size: 5KB

.text
Size: 51KB - Virtual size: 50KB

.data
Size: 5KB - Virtual size: 5KB