dfdb7ea6492972b06a719c93c2a93e77

General

Target

dfdb7ea6492972b06a719c93c2a93e77
Size

100KB
MD5

dfdb7ea6492972b06a719c93c2a93e77
SHA1

83a93993104e11af6dec2d0b1031c30f384a17e7
SHA256

cb9d6521c24c22ad1b8adcaeb6eddb818a8d057b19bdb12d86b9542cc01fbedb
SHA512

8bdbc5e8dcfe4f0d93927ada4b2126772694731510d2eae0db2438b1e4b2aaf4051feb59cee207dde1203dd3a214437e7b6123765cf1283e37044c58637471ff
SSDEEP

3072:ScDKMQ7Ro5chPdzsy0as8+QUHuvMIFu10F:JKqcRdzsy1FN5FF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfdb7ea6492972b06a719c93c2a93e77

Files

dfdb7ea6492972b06a719c93c2a93e77
.exe windows:4 windows x86 arch:x86

66fad62e7129ec486c2d93866bc8972f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringA

advapi32

RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHFileOperationA

kernel32

ExitProcess
GetCurrentProcess
HeapAlloc
GetStringTypeW
GetStringTypeA
GetProcAddress
CompareStringW
LoadLibraryA
LCMapStringW
LCMapStringA
CompareStringA
GetOEMCP
GetACP
MultiByteToWideChar
HeapReAlloc
GetCPInfo
WriteFile
GetLastError
RemoveDirectoryA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
VirtualAlloc
HeapFree
WideCharToMultiByte
TerminateProcess
RtlUnwind
GetEnvironmentStringsW
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

66fad62e7129ec486c2d93866bc8972f

Headers

File Characteristics

Imports

user32

advapi32

shell32

kernel32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 72KB - Virtual size: 72KB