d45a86ac06e4358727437db9d07b311d97869d7073cd74f8d8e41c474d4c9de4

Sharing

Copy URL Twitter E-mail

General

Target

d45a86ac06e4358727437db9d07b311d97869d7073cd74f8d8e41c474d4c9de4
Size

100KB
MD5

432d81ab20d5cda99e7adfb1bdf7fefb
SHA1

8ae40b09e658fcd9a1ea372acc60b6364c7c16bc
SHA256

d45a86ac06e4358727437db9d07b311d97869d7073cd74f8d8e41c474d4c9de4
SHA512

d592eff03aa71bec696f8b974d5d9ff2f7661ce9cc8ac775cf6ff936fb1b96914bb2939ada08ab151ba06f8ab6ed84ac65fa1f43fc0bc41f04632ac2f0b88cf3
SSDEEP

1536:6ujx9DWHjlbTIzRS5UKx1oBUuGAfv4kezlrVRtPJRI1:/XWhN55xohsFtPJRI1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d45a86ac06e4358727437db9d07b311d97869d7073cd74f8d8e41c474d4c9de4

Files

d45a86ac06e4358727437db9d07b311d97869d7073cd74f8d8e41c474d4c9de4
.exe windows:4 windows x86 arch:x86

61677113d2d58c86edb53b97bb056347

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathW

shlwapi

PathAppendW

kernel32

DeleteCriticalSection
GetLocaleInfoW
LCMapStringW
LCMapStringA
HeapSize
LoadLibraryA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
CopyFileW
CreateDirectoryW
WriteFile
OutputDebugStringA
GetProcAddress
LoadLibraryW
FreeLibrary
CloseHandle
CreateFileA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentThreadId
SetLastError
TlsFree
GetLastError
HeapFree
HeapAlloc
RaiseException
RtlUnwind
InterlockedIncrement
InterlockedDecrement
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
SetFilePointer
MultiByteToWideChar
TlsGetValue
TlsAlloc
TlsSetValue

user32

UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
DestroyWindow
DialogBoxParamA
PostMessageA
EndDialog
wsprintfW
ShowWindow
CreateWindowExA
LoadAcceleratorsA
SetWindowTextA

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61677113d2d58c86edb53b97bb056347

Headers

File Characteristics

Imports

shell32

shlwapi

kernel32

user32

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 8KB - Virtual size: 4KB