8131b60da27b009376e35f96696d027b6b2b26b4034d68ca07885e720fb5ef4b

General

Target

8131b60da27b009376e35f96696d027b6b2b26b4034d68ca07885e720fb5ef4b
Size

137KB
MD5

da29cc5847cd4dcba022dd2121d6e6ed
SHA1

7f7b1a1a743d5c36b87904d73f150ee1a2acb401
SHA256

8131b60da27b009376e35f96696d027b6b2b26b4034d68ca07885e720fb5ef4b
SHA512

7d545a66ffcec029efb6d458eba6ee0cee8c6953090ae853125a9fa070b2e6c32a0c3282558b2bc619ae69feeade83dd1a7c1d850de244b3434c4a073797772c
SSDEEP

3072:vk/oEfqrrn9+UTtAI78tCm9tWflVDDnm7mE:vlEqrn9+UTjrOyE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8131b60da27b009376e35f96696d027b6b2b26b4034d68ca07885e720fb5ef4b

Files

8131b60da27b009376e35f96696d027b6b2b26b4034d68ca07885e720fb5ef4b
.exe windows:4 windows x86 arch:x86

1f3b494f99fba2339842e1dd329eb17d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CloseHandle
GetLastError
GetCurrentDirectoryA
GetCurrentProcess
FormatMessageA
SetCurrentDirectoryA
LoadLibraryA
LocalAlloc
GetModuleHandleA
GetVersionExA
LocalFree
CreateThread
WaitForSingleObject
ExitProcess
SetEnvironmentVariableA
GetProcAddress
lstrlenA
HeapFree
HeapAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesA
GetDriveTypeA
GetFullPathNameA
GetCommandLineA
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
SetEndOfFile
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
RtlUnwind
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
CreateFileA
SetStdHandle
HeapSize
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
ReadFile
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f3b494f99fba2339842e1dd329eb17d

Headers

File Characteristics

Imports

winmm

kernel32

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 44KB - Virtual size: 42KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 44KB - Virtual size: 42KB