84a9a5d5fce295ed020af30c7c5b0c25585e67a3f6e974c3bebb81c029dc1b0f

General

Target

84a9a5d5fce295ed020af30c7c5b0c25585e67a3f6e974c3bebb81c029dc1b0f
Size

43KB
MD5

2021368e1b6cd9833f8a1a5e3f5abfba
SHA1

b5070d564f0115024cc464d7f46fe5f377a159fe
SHA256

84a9a5d5fce295ed020af30c7c5b0c25585e67a3f6e974c3bebb81c029dc1b0f
SHA512

72967bd4250b4eca5ea181264ad5dd1a48968069dfaaa5c2659e6128015214b062db447031481e93b59725e816e9c58062a71dfab45758168014090ab6a7341f
SSDEEP

768:0Bb2wck/+M2bPP66S+m3IUxU1ccSgjmCYC:0NPck/GLP66BdUxU1cIjmCYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84a9a5d5fce295ed020af30c7c5b0c25585e67a3f6e974c3bebb81c029dc1b0f

Files

84a9a5d5fce295ed020af30c7c5b0c25585e67a3f6e974c3bebb81c029dc1b0f
.exe windows:4 windows x86 arch:x86

a22bcaaf313dcfd5ac843d086dd393f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dciman32

DCIDestroy
DCIEnum
DCIBeginAccess
DCICloseProvider

wtsapi32

WTSEnumerateServersA
WTSTerminateProcess
WTSLogoffSession
WTSWaitSystemEvent
WTSEnumerateSessionsA
WTSSendMessageA
WTSVirtualChannelPurgeInput
WTSVirtualChannelWrite
WTSOpenServerA
WTSQueryUserToken

kernel32

CreateHardLinkA
InterlockedDecrement
GetProcessHeap
SleepEx
IsValidCodePage
GetLastError
GetStringTypeW
OpenMutexA
GetModuleHandleW
lstrcpynW
OpenMutexA
GetDiskFreeSpaceW
GetProcAddress
CreateDirectoryA
OpenMutexA
DeviceIoControl
DeleteFileA
GetCurrentProcess
GetCurrentDirectoryW
WriteConsoleW
ReplaceFileA
CompareStringW
OpenMutexA
OpenMutexA
FindFirstFileA
GetLocalTime
GetTickCount
GetDriveTypeA
CreateEventW
OpenMutexA
CreateSemaphoreW

user32

DialogBoxParamW
EnumDesktopsA
LoadImageA
CreateDesktopW
LoadCursorA
PeekMessageA
GetMessageW
IsCharLowerA
SetCursorPos
wsprintfA
DrawTextA

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a22bcaaf313dcfd5ac843d086dd393f1

Headers

File Characteristics

Imports

dciman32

wtsapi32

kernel32

user32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 9KB