97162c00659275c6c2b4d333e928a779

General

Target

97162c00659275c6c2b4d333e928a779
Size

111KB
MD5

97162c00659275c6c2b4d333e928a779
SHA1

be177939fe2be9a888f443787348763fbc5ac873
SHA256

8e2f16dbb072a16622a48e9d2c7220424efc3cde1599c8626186d08975a971f3
SHA512

0fd3cf31a1acb95abc72ef0d8e2bf61ce0275d12c359e8254a25eb4c1550e6eecfca8844dcc1153b81668e8878477d5111f8c8990d1480c39c1ad6121f6ea84a
SSDEEP

1536:0aaX/cn6dbFb40vtQBJPnXzevDraMYXRvVdDU8zGiLcqMz2L8788vQdvE++xnAi+:0vCzevyfBvLQJOs2L8784BAM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97162c00659275c6c2b4d333e928a779

Files

97162c00659275c6c2b4d333e928a779
.exe windows:5 windows x86 arch:x86

de89ade8b4aa70006d0cbd8277684de6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_snwprintf
wcsncpy
wcscat
wcscpy
wcslen
wcscmp
wcsrchr
swprintf
_wtoi
RtlUnwind
NtQuerySystemInformation
_chkstk
wcstoul
wcsstr
_wcsicmp

ole32

OleInitialize
OleUninitialize
CoTaskMemFree
PropVariantClear

query

?CIShutdown@@YGXXZ
LoadIFilter

msvcrt

??2@YAPAXI@Z
exit
_beginthreadex
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fclose
??3@YAXPAX@Z
__p__iob
fputwc
_wfopen
fwprintf
_wasctime
localtime
time
printf
_vsnwprintf
_exit
_XcptFilter
__p___winitenv
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_controlfp
wprintf
wcstok

kernel32

FindClose
VirtualAlloc
VirtualFree
GetPrivateProfileStringW
GetPrivateProfileIntW
DebugBreak
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineW
SetEvent
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
DeleteCriticalSection
InitializeCriticalSection
CreateSemaphoreW
GetLastError
CreateEventW
WaitForMultipleObjects
CloseHandle
GetFullPathNameW
GetFileAttributesW
FindFirstFileW
Sleep
FindNextFileW

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de89ade8b4aa70006d0cbd8277684de6

Headers

File Characteristics

Imports

ntdll

ole32

query

msvcrt

kernel32

Sections

.text Size: 57KB - Virtual size: 56KB

.data Size: 512B - Virtual size: 336B

.text
Size: 57KB - Virtual size: 56KB

.data
Size: 512B - Virtual size: 336B