eff3e37d0406c818e3430068d90e7ed2f594faa6bb146ab0a1c00a2f4a4809a5

General

Target

eff3e37d0406c818e3430068d90e7ed2f594faa6bb146ab0a1c00a2f4a4809a5
Size

128KB
MD5

1ecd83ee7e4cfc8fed7ceb998e75b996
SHA1

eddb7228e2f8b7a99c4c32a743504ed3c16b5ef3
SHA256

eff3e37d0406c818e3430068d90e7ed2f594faa6bb146ab0a1c00a2f4a4809a5
SHA512

ae8f0fe44ea383ee12902bd0ee90c065758fa215090397f6dac0a5b49829d9d9fb53966f2346ba91e93ad3201e3ea7fcccb8b37951038a22f83768bae885a392
SSDEEP

3072:Kn13mR+uvEuCBlMclG4te7DFQstzN29ZfyXZM5QVj+XZ4dC:KneZvrRclG4mF5qZfyO2AJWC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eff3e37d0406c818e3430068d90e7ed2f594faa6bb146ab0a1c00a2f4a4809a5

Files

eff3e37d0406c818e3430068d90e7ed2f594faa6bb146ab0a1c00a2f4a4809a5
.exe windows:4 windows x86 arch:x86

ab0a18e7eeb616a8450422ace3337546

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetFileSizeEx
Sleep
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleHandleA
GetVersionExA
GetLocaleInfoA
SetErrorMode
GetTickCount
GetProcAddress
LoadLibraryA
SetFilePointer
CreateFileA
CloseHandle
ReadFile
SystemTimeToFileTime
GetCurrentDirectoryA
LocalFileTimeToFileTime
CreateDirectoryA
GetFileAttributesA
SetFileTime
WriteFile
SetStdHandle
IsBadCodePtr
IsBadReadPtr
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLastError
SetUnhandledExceptionFilter

user32

MessageBoxA
wsprintfA

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab0a18e7eeb616a8450422ace3337546

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 52KB - Virtual size: 51KB