3f517eb0c88b7ee4ab48596d1b8acc21ff3755bbfd0a34d24a0011aaf312946e

General

Target

3f517eb0c88b7ee4ab48596d1b8acc21ff3755bbfd0a34d24a0011aaf312946e
Size

224KB
MD5

342634160052e25d741b58341d01add0
SHA1

27392266ec855f387d897253d48085341076c072
SHA256

3f517eb0c88b7ee4ab48596d1b8acc21ff3755bbfd0a34d24a0011aaf312946e
SHA512

3bf909485ffc63079ecdf042275af216be5789c3ef177aa5b9557b517470c608614e3d5a64c509bb4f983438265ac046b9880ce7de7bcf9eb78045827fc28afa
SSDEEP

3072:zeloC12eXtMf0CTFsXUxVKA8Qm0Hjp0pVoK:ze/1HXtMfFTmkxVKAfHjpGh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f517eb0c88b7ee4ab48596d1b8acc21ff3755bbfd0a34d24a0011aaf312946e

Files

3f517eb0c88b7ee4ab48596d1b8acc21ff3755bbfd0a34d24a0011aaf312946e
.exe windows:4 windows x86 arch:x86

ef820d75282512238b9adadf14c7b58e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
GetLastError
CloseHandle
WriteFile
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetProcAddress
GetModuleHandleA
DebugBreak
InterlockedDecrement
OutputDebugStringA
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
IsBadWritePtr
IsBadReadPtr
HeapValidate
FlushFileBuffers
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetStdHandle
SetConsoleCtrlHandler
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadCodePtr

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef820d75282512238b9adadf14c7b58e

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 23KB

.idata Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 23KB

.idata
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB