a9e8236f07fd11f7e9eda8a595c5c887607a15c6ea4eddf7d5d1099137004b6cN

General

Target

a9e8236f07fd11f7e9eda8a595c5c887607a15c6ea4eddf7d5d1099137004b6cN
Size

120KB
MD5

dea30ff6415bd16f654d1d3cc3369820
SHA1

aa7ca6ff2425002d8c96f1580a6b675ecf6235fa
SHA256

a9e8236f07fd11f7e9eda8a595c5c887607a15c6ea4eddf7d5d1099137004b6c
SHA512

a19e31648e63684c5117b4afd377c5ce6e05984137da51df802beb5b2b3371af154efc8cadcc865b61c301a6ba7103dddc029186e57ad023f60d8eba0220802d
SSDEEP

3072:e0IW6TJcLz2lQBV+UdE+rECWp7hKh2AnG:r6mBV+UdvrEFp7hKhtnG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9e8236f07fd11f7e9eda8a595c5c887607a15c6ea4eddf7d5d1099137004b6cN

Files

a9e8236f07fd11f7e9eda8a595c5c887607a15c6ea4eddf7d5d1099137004b6cN
.exe windows:4 windows x86 arch:x86

75b239999bdc787e1816306a1f99f85b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
FindClose
FindNextFileA
CreateDirectoryA
FindFirstFileA
CopyFileA
MoveFileA
SetEndOfFile
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetStringTypeW
GetStringTypeA
WriteFile
VirtualFree
MultiByteToWideChar
WideCharToMultiByte
GetVersionExA
GetLocaleInfoA
GetWindowsDirectoryA
GetSystemDirectoryA
GetWindowsDirectoryW
GetSystemDirectoryW
LoadLibraryA
OutputDebugStringA
GetProcAddress
FreeLibrary
ReadFile
CreateFileA
GetLastError
GetFileSize
CloseHandle
lstrcpyA
GetLocalTime
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
HeapFree
HeapAlloc
TerminateProcess

user32

wsprintfA
wvsprintfA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

lz32

LZCopy
LZOpenFileA
LZClose

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75b239999bdc787e1816306a1f99f85b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

lz32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 1016B

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 1016B