8f096e3b5ecd2aca35794a85f8b76093b3968a8737e87e8008710b4014c779e3

Sharing

Copy URL Twitter E-mail

General

Target

8f096e3b5ecd2aca35794a85f8b76093b3968a8737e87e8008710b4014c779e3
Size

201KB
MD5

b0ea835219ad8e9199a1193d5de8cfc2
SHA1

796362bd0304e305ad120576b6a8fb6721108752
SHA256

8f096e3b5ecd2aca35794a85f8b76093b3968a8737e87e8008710b4014c779e3
SHA512

5753c07f71f71dce8b726bc04357d8bcddc50d2958d7799b4504ca00c39633dc2da3cfaaba185f38a5854553b4eb6642eb222befd838a6fdc29b669518131f51
SSDEEP

6144:Jtkr4bI6d6ewcG3KVGUoLMVibf9cu92enPG6fg:ra4bIhewz3KV9oA3u92ePLI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f096e3b5ecd2aca35794a85f8b76093b3968a8737e87e8008710b4014c779e3

Files

8f096e3b5ecd2aca35794a85f8b76093b3968a8737e87e8008710b4014c779e3
.exe windows:5 windows x86 arch:x86

7b5fb8a51faed81316bd68cb65afb4df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

CertImporter.pdb

Imports

crypt32

CertFindCertificateInStore
CertCloseStore
CertFreeCertificateContext
CertOpenStore

kernel32

LocalFree
GetCurrentProcess
GetLocaleInfoW
GetModuleFileNameW
LoadLibraryExW
VerSetConditionMask
VerifyVersionInfoW
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
AttachConsole
GetStdHandle
HeapSize
GetConsoleMode
GetConsoleOutputCP
GetProcessHeap
GetStringTypeW
FreeEnvironmentStringsW
FlushFileBuffers
GetFileSize
WriteFile
ReadFile
GetProcAddress
FreeLibrary
LoadLibraryW
FindClose
FindNextFileW
FindFirstFileExW
GetLastError
GetModuleHandleW
InitializeCriticalSection
SetLastError
GetEnvironmentStringsW
GetCommandLineW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
RtlUnwind
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetStdHandle
GetFileType
ExitProcess
HeapReAlloc
HeapAlloc
HeapFree
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
WriteConsoleW

advapi32

RegDeleteKeyW
RegQueryInfoKeyW
RegOpenCurrentUser
RegEnumKeyExW

shell32

CommandLineToArgvW

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b5fb8a51faed81316bd68cb65afb4df

Headers

File Characteristics

PDB Paths

Imports

crypt32

kernel32

advapi32

shell32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB