a24b59d45c0b04b177538d9377683e54acd9bc6bfffa5925912455842b287a83

General

Target

a24b59d45c0b04b177538d9377683e54acd9bc6bfffa5925912455842b287a83
Size

536KB
MD5

342eb9304eaf4d130e404aa60deea3e5
SHA1

954fa2faf4eedfdfeb19b80e015c04593eddd550
SHA256

a24b59d45c0b04b177538d9377683e54acd9bc6bfffa5925912455842b287a83
SHA512

c16b0ea3feec93966d62588d191edf17e507f880fa25bd7995c4e508684cbac41e8e48bda98f86a8e79abe277c4435eec7390f277023b51c659bfa9b31e0eb78
SSDEEP

12288:MVLvbN4EyEA+kzIKiu4w4r1S1nlxLgW5GQ7XLPa:MtTNOViHk1nlxceGiXja

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a24b59d45c0b04b177538d9377683e54acd9bc6bfffa5925912455842b287a83

Files

a24b59d45c0b04b177538d9377683e54acd9bc6bfffa5925912455842b287a83
.exe windows:4 windows x86 arch:x86

c1277a09b2b814fc82a0a55f07f765dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
DeleteFileA
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
GetTempPathA
WaitForSingleObject
CreateThread
GetFileSize
SetFileAttributesA
GetModuleFileNameA
HeapReAlloc
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
IsBadWritePtr
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
GetLastError
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
SetUnhandledExceptionFilter
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RaiseException
ReadFile

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1277a09b2b814fc82a0a55f07f765dd

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 19KB

.sxdata Size: 4KB - Virtual size: 124B

.rsrc Size: 456KB - Virtual size: 455KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 19KB

.sxdata
Size: 4KB - Virtual size: 124B

.rsrc
Size: 456KB - Virtual size: 455KB