c889795f72f67bba0bf3d059bff0ef66

General

Target

c889795f72f67bba0bf3d059bff0ef66
Size

608KB
MD5

c889795f72f67bba0bf3d059bff0ef66
SHA1

e9ca030a52a302defaf72b158f982b3d18c26f3e
SHA256

f0b48bc47ab3ef1f75a050c977488f921c89c1bbf6a99db4358317635a6b74f5
SHA512

e05c9efb36f95c7f0b0d0b5204a95c20030aa5bd220a06c8a829703045e6cdc18f883b0bf9d04eeceebab7128e6c1d3004944f55cce4c6725a051c4e25de2982
SSDEEP

12288:3XO2bbdyMtB4TlNozyZFk72MxrnDTkz7j/dc1Zgva4WnsD+:3XO2UY4TiY42MZTkL2OMsC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c889795f72f67bba0bf3d059bff0ef66

Files

c889795f72f67bba0bf3d059bff0ef66
.exe windows:4 windows x86 arch:x86

ac40c8b7b9a43ca1c45e58a179e3c3ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
DeleteFileW
VirtualAlloc
InterlockedIncrement
GetCurrentThreadId
GetTickCount
SetEndOfFile
GetFileType
Sleep
InterlockedDecrement
CreateEventA
HeapCreate
GetEnvironmentVariableA
CreateEventW
TerminateProcess
SetFileAttributesA
GetACP
lstrcpynA
GetSystemTimeAsFileTime
CloseHandle
GetStartupInfoA
WriteFile
SetUnhandledExceptionFilter
FindFirstFileA
SetFilePointer
GetStringTypeA
CreateThread
SetStdHandle
GetProcessHeap
GetProcAddress
GetCommandLineA
FreeEnvironmentStringsW
LoadLibraryExW
UnhandledExceptionFilter
LockResource
GetCurrentProcessId
GetLocaleInfoA
GetCurrentProcess
GetModuleFileNameA
FlushFileBuffers
GetEnvironmentStringsW
GetVersionExA
ExitProcess
IsDebuggerPresent
QueryPerformanceCounter
FreeLibrary
WaitForSingleObject
GetFileAttributesA
lstrlenA
GetConsoleOutputCP
HeapAlloc
GetModuleHandleA
GetVersion
FreeEnvironmentStringsA
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
VirtualFree
HeapFree
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeW

user32

ShowWindow
PostQuitMessage
SetWindowLongA
SetWindowPos
SetFocus
CheckMenuItem

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 548KB - Virtual size: 545KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ac40c8b7b9a43ca1c45e58a179e3c3ea

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 548KB - Virtual size: 545KB

.data Size: 32KB - Virtual size: 33KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 548KB - Virtual size: 545KB

.data
Size: 32KB - Virtual size: 33KB