472f9e19afdd8eb6ef65202a31f02f60333d527173f85de55d6d2168451ee82c

General

Target

472f9e19afdd8eb6ef65202a31f02f60333d527173f85de55d6d2168451ee82c
Size

39KB
MD5

ddcb8d92192d227e8aebd91974019259
SHA1

be8d71e7b46aa76368b7289cbe3a9864f8d3d8cd
SHA256

472f9e19afdd8eb6ef65202a31f02f60333d527173f85de55d6d2168451ee82c
SHA512

c0bd77533074839da1127559076d6ef5188aedf9ef9efd93ae2d1336f8a9a82a4df5a22774d1fb3e7c1a2d919726c40c35d627c4d6970bff0ee5e141ba887885
SSDEEP

768:jfa5XKSNOwr5uOztOUZHuxrQSoyiWmJTNIU9GiMGEW4io9:jfaFFNVMAMU1ErQgmJTNI4GiZEW1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
472f9e19afdd8eb6ef65202a31f02f60333d527173f85de55d6d2168451ee82c

Files

472f9e19afdd8eb6ef65202a31f02f60333d527173f85de55d6d2168451ee82c
.dll windows:5 windows x86 arch:x86

14035f89ce09016365b8fd3e2452232c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
SetFilePointer
FileTimeToLocalFileTime
GetProcAddress
IsValidCodePage
GetDriveTypeA
TlsAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
RtlUnwind

user32

GetForegroundWindow

shlwapi

StrStrIA

advapi32

RegSetValueExW

ole32

CoTaskMemAlloc

Exports

Exports

SetBListA

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14035f89ce09016365b8fd3e2452232c

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

ole32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB