c9246c85265ce6e0dd271aaa77d82a50

General

Target

c9246c85265ce6e0dd271aaa77d82a50
Size

44KB
MD5

c9246c85265ce6e0dd271aaa77d82a50
SHA1

bbc1231c67b80dee1d786beebee2bc9c021b6653
SHA256

87b20beb01bb6df45f85c23c53b13d92e2db00a8867dbeab1bc410420f3eaf1d
SHA512

bd63cbfce8302f4c376831c28c0b6cbc9e15bde54cd0cedfe2590afb55d8662d3d9d406101b77cd56e7f5f615b9d4d07da0f8af82f3758eaa00bb69c265a40cb
SSDEEP

384:aliL2iNnwqcHPbsquC3DqXBCmFF0ckqCXvpyxXZPmX/6o2HDYFtluQZp6YFtl:GFixbcDsqZ3mXfIhsXZE/6owYFDkYFD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9246c85265ce6e0dd271aaa77d82a50

Files

c9246c85265ce6e0dd271aaa77d82a50
.exe windows:4 windows x86 arch:x86

a331404ba67a8292fa1066fe33b26d79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lclose
_lread
_lwrite
GlobalFree
GlobalAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
SetEndOfFile
_llseek
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
WideCharToMultiByte
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
OpenFile
HeapAlloc
VirtualAlloc
VirtualFree
GetWindowsDirectoryA
GetVersionExA
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
FreeEnvironmentStringsA
GetVersion
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW

user32

LoadIconA
EndDialog
DefWindowProcA
DestroyWindow
DialogBoxParamA
BeginPaint
GetClientRect
DrawTextA
EndPaint
PostQuitMessage
CreateWindowExA
UpdateWindow
MessageBoxA
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
wsprintfA
LoadImageA
GetDC
ReleaseDC

gdi32

GetDIBits
CreateCompatibleBitmap
DeleteObject
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a331404ba67a8292fa1066fe33b26d79

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 8KB - Virtual size: 7KB