d51baadde4d5faf3c87e667140caaf30bb34dc0730dd107f2d2387f62322424a

General

Target

d51baadde4d5faf3c87e667140caaf30bb34dc0730dd107f2d2387f62322424a
Size

137KB
MD5

e4b20f7bea4c40dc59053ad61db82b49
SHA1

c47d6dc1be5f4ad82d96639af1ed6bd9219e5f33
SHA256

d51baadde4d5faf3c87e667140caaf30bb34dc0730dd107f2d2387f62322424a
SHA512

1d6465a57d7f2fd3285ad43efd5d62a5193566b11424d248d7c4a05197902be1e3b270b42236d7f976ccd9e0d44417aaeef1abb6513a7cd3d369d7f357f85202
SSDEEP

3072:fk/oEfqrrn9+UTtAI78tjX1CU2A2PcNWW2:flEqrn9+UTOQTo32

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d51baadde4d5faf3c87e667140caaf30bb34dc0730dd107f2d2387f62322424a

Files

d51baadde4d5faf3c87e667140caaf30bb34dc0730dd107f2d2387f62322424a
.exe windows:4 windows x86 arch:x86

1f3b494f99fba2339842e1dd329eb17d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CloseHandle
GetLastError
GetCurrentDirectoryA
GetCurrentProcess
FormatMessageA
SetCurrentDirectoryA
LoadLibraryA
LocalAlloc
GetModuleHandleA
GetVersionExA
LocalFree
CreateThread
WaitForSingleObject
ExitProcess
SetEnvironmentVariableA
GetProcAddress
lstrlenA
HeapFree
HeapAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesA
GetDriveTypeA
GetFullPathNameA
GetCommandLineA
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
SetEndOfFile
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
RtlUnwind
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
CreateFileA
SetStdHandle
HeapSize
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
ReadFile
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f3b494f99fba2339842e1dd329eb17d

Headers

File Characteristics

Imports

winmm

kernel32

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 44KB - Virtual size: 42KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 44KB - Virtual size: 42KB