c196b994400f39dc45e85e84fd655d2b

General

Target

c196b994400f39dc45e85e84fd655d2b
Size

172KB
MD5

c196b994400f39dc45e85e84fd655d2b
SHA1

688823edf8e512ec0459e8482ec1d0e5430ffbff
SHA256

70f91125a64662cb48fcef4c43e94bc806bf9025fe9fb7bc4ddc4c2ecb55912a
SHA512

5b7f146a9da84991a976190501eadd1f4bbb80cc2a981b3f2d959977c7a04a3dfc59293c249180072ac974b78a1d6d1e14599b239676c417071b326ff17c2b49
SSDEEP

3072:teVPLogw6eCHEw+3Po/KEduXBqsgWEnkFMW1MlIXB+:m86dHr+g/JCBhgWt+2lx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c196b994400f39dc45e85e84fd655d2b

Files

c196b994400f39dc45e85e84fd655d2b
.exe windows:4 windows x86 arch:x86

e159381e8ae8e808c1464d48dd658709

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
LockResource
LoadResource
CloseHandle
FindResourceA
GetModuleHandleA
GetStringTypeA
LCMapStringW
lstrlenA
GetModuleFileNameA
GetShortPathNameA
lstrcpyA
lstrcatA
GetEnvironmentVariableA
GetWindowsDirectoryA
SizeofResource
WinExec
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

wsprintfA

advapi32

RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e159381e8ae8e808c1464d48dd658709

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 136KB - Virtual size: 135KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 136KB - Virtual size: 135KB