c8e41996b477d5f0bb3b1d8aeba1e094

General

Target

c8e41996b477d5f0bb3b1d8aeba1e094
Size

3.4MB
MD5

c8e41996b477d5f0bb3b1d8aeba1e094
SHA1

ff041f6ec55d4c389cadb3602a053265e1e6e3c6
SHA256

581ec8d7797a85aa1a9f6b26e729d5cec2f62156ec38fb287bded86768f43679
SHA512

aceb14ac7a2c77a572f95fd0ab3b9ff5f1d3edeaf4fd1ee78f8d70d5919088dcbad16ef48d76ea5f3e008c781a601a52dc2fadf3bea78cd785bd8331de82976a
SSDEEP

49152:YmGoL8lBSBTGPnxCJbk0cX1VVdP6ljR21IuNJ9iYQjbBT3g5VsRnBKA5n+D3q9yk:zG28lB2TGPnsu0cXXpI6J94FugrED6g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8e41996b477d5f0bb3b1d8aeba1e094

Files

c8e41996b477d5f0bb3b1d8aeba1e094
.exe windows:4 windows x86 arch:x86

b63f2b561ad66875fadd6f6fab17aea9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetModuleHandleW
GetProcAddress
FreeLibrary
HeapFree
HeapAlloc
DeleteCriticalSection
CreateFileW
GetModuleFileNameW
FindClose
ReadFile
RaiseException
GetFileType
HeapReAlloc
FlushFileBuffers
HeapSetInformation
WriteConsoleW
LoadLibraryW
CreateThread
GetCPInfo
TlsFree
SetFilePointer
GetFileAttributesW
CompareStringW
GetStringTypeW
LCMapStringW
GetModuleFileNameA
GetOEMCP
GetEnvironmentStringsW
DeleteFileW
VirtualAlloc
LocalAlloc
DecodePointer
SetEndOfFile
GetVersionExW
ReleaseMutex
CreateFileA
OutputDebugStringW
LoadLibraryA
UnmapViewOfFile
GetExitCodeProcess
CreateProcessW

user32

TranslateMessage
LoadStringW
DispatchMessageW
ShowWindow
ReleaseDC
MessageBoxW
PostQuitMessage
CreateWindowExW
GetWindowLongW
GetSystemMetrics
GetDC
PostMessageW
EnableWindow
EndDialog
LoadIconW
SetFocus
GetSysColor
EndPaint
BeginPaint
KillTimer
RegisterClassW
EnableMenuItem
GetWindowTextW
UpdateWindow
GetKeyState
MessageBoxA

Sections

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b63f2b561ad66875fadd6f6fab17aea9

Headers

File Characteristics

Imports

kernel32

user32

Sections

.data Size: - Virtual size: 612KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.text Size: 6KB - Virtual size: 6KB

.idata Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 612KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.text
Size: 6KB - Virtual size: 6KB

.idata
Size: 2KB - Virtual size: 1KB