b3600b94e08156576f607761b7ce9ec745944f6a1f9a34a0601f6f3a43b85e28N

General

Target

b3600b94e08156576f607761b7ce9ec745944f6a1f9a34a0601f6f3a43b85e28N
Size

544KB
MD5

18fbb6308ebc0b89a71d3c30d2103310
SHA1

705d4ffb0bce4bf1c684af9933eacf3c1c05233e
SHA256

b3600b94e08156576f607761b7ce9ec745944f6a1f9a34a0601f6f3a43b85e28
SHA512

d91a17d084534a2976a89c8c7a5036fd9bb1c7585464ba4b763a6a10b34e43ec75aba1502d5f718ddf22b80cbee4856f23315d029554a83071674de491c17779
SSDEEP

12288:T7ROFDuYjEftK4tR69IGoLq5b9go+3nOat6HABqobCpRJH92tB/kz6+8:T7ROFDuYjEftl8W13nOaU4q0CFCBbP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3600b94e08156576f607761b7ce9ec745944f6a1f9a34a0601f6f3a43b85e28N

Files

b3600b94e08156576f607761b7ce9ec745944f6a1f9a34a0601f6f3a43b85e28N
.exe windows:4 windows x86 arch:x86

1990ed8ea24475d04eda97940df9d784

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
GetModuleHandleA
OutputDebugStringA
GetLastError
FindFirstFileA
FindNextFileA
FindClose
LeaveCriticalSection
EnterCriticalSection
GetTempPathA
GetProcAddress
LoadLibraryA
LoadResource
FindResourceA
GetModuleFileNameA
UnmapViewOfFile
CloseHandle
MapViewOfFile
GetSystemInfo
CreateFileMappingA
FreeLibrary
InitializeCriticalSection

user32

MessageBoxA

advapi32

GetUserNameA

msvcrt

_pctype
abort
fprintf
_iob
malloc
fclose
strlen
fgets
fopen
sprintf
strcat
strcpy
free
getenv
memcmp
memcpy
strchr
strstr
localtime
time
_ftol
atol
_putenv
_isctype
__mb_cur_max
atoi
strcmp
fwrite
strncpy
fflush
fputs
vsprintf
_errno
__p__environ
perror
_open
memset
_setjmp3
_assert
_get_osfhandle
_stat
_strdup
_mkdir
_getpid
_chmod
_strnicmp
_initterm
_rmdir
_unlink
_close
_read
_lseek
__p__commode
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_except_handler3
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_controlfp
calloc

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 488KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1990ed8ea24475d04eda97940df9d784

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 9KB

.rsrc Size: 488KB - Virtual size: 486KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 488KB - Virtual size: 486KB