495d2933759e292b60b9c57806fa5376edab9770178eb9f33f27660f2228c06a

General

Target

495d2933759e292b60b9c57806fa5376edab9770178eb9f33f27660f2228c06a
Size

40KB
MD5

f403a61614fd91793e79802c5add0ffb
SHA1

941b09c6f5801310c6e94b24df8f7a3df1897c21
SHA256

495d2933759e292b60b9c57806fa5376edab9770178eb9f33f27660f2228c06a
SHA512

5996d114c8edcebfba8a08589bd840090b5b60184ea0269d46ed0b04974703f9f38f2776463a7f086e8f2fd819255a0297723bb047037baf81244ab5c5451ed9
SSDEEP

384:XaBSse/zoWUTxdkjtEUIClIiDwRSb1ZNaA+oiLWwWUSlW/AGjNggvzDB+:CSV/zoWUTXMIUTtVa2ZpWoSBrD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
495d2933759e292b60b9c57806fa5376edab9770178eb9f33f27660f2228c06a

Files

495d2933759e292b60b9c57806fa5376edab9770178eb9f33f27660f2228c06a
.exe windows:4 windows x86 arch:x86

c44e996067d9220f2fdb8766c6f0d141

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Source\TheFileSplitter\CombinePieces\Release\CombinePieces.pdb

Imports

comctl32

ord17
ord6

kernel32

GetCurrentDirectoryA
CloseHandle
GetFileSize
CreateFileA
GetDiskFreeSpaceExA
GetFileAttributesA
CreateDirectoryA
WriteFile
ReadFile
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
VirtualFree
HeapCreate
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapAlloc
HeapFree
GetProcAddress
TerminateProcess
GetCurrentProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapSize

user32

DialogBoxParamA
EndDialog
EnableWindow
LoadCursorA
SetCursor
LoadIconA
GetWindowRect
CreateWindowExA
GetWindowTextA
MessageBoxA
SendMessageA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
LoadStringA
wsprintfA
GetDlgItem
SetWindowTextA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c44e996067d9220f2fdb8766c6f0d141

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB