a59e4ace82fa4ad4d9a5e0c0ae9eedafb5749d7837d86167f027f34a84415acc

General

Target

a59e4ace82fa4ad4d9a5e0c0ae9eedafb5749d7837d86167f027f34a84415acc
Size

91KB
MD5

64a283fed43d7ae5006748316a40f385
SHA1

3391670b95c5f9eb7dba9c9cbde71d4a1e444ef5
SHA256

a59e4ace82fa4ad4d9a5e0c0ae9eedafb5749d7837d86167f027f34a84415acc
SHA512

107766349ee15f5ebf6350993c27375a99ee7e525cab9608d312d8ea71c510eeeeff54eb97002f32157741ef73297c1aa8b73739b86d843469f959203af64ee8
SSDEEP

384:UgE1NNuCTzgFb/Z+fSlVe8b3XI+0DzGpnb0Yovn1HeKNqhcOwcNWP6W2W84WuRcr:TE1Nt98zOanbCc96/Y8R1ydcleMrz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a59e4ace82fa4ad4d9a5e0c0ae9eedafb5749d7837d86167f027f34a84415acc

Files

a59e4ace82fa4ad4d9a5e0c0ae9eedafb5749d7837d86167f027f34a84415acc
.exe windows:5 windows x86 arch:x86

040053c58d9dd917bdee8b0ffd030ef0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winsta

WinStationEnumerateW
WinStationFreeMemory
WinStationGetTermSrvCountersValue
WinStationOpenServerW
WinStationQueryInformationW

utildll

StrConnectState
StrAsyncConnectState

user32

wvsprintfW
CharToOemW
wsprintfW
LoadStringW

ntdll

memmove
wcstoul
wcscmp
VerSetConditionMask
_wcsnicmp
iswdigit
wcstol
wcsncpy
_ultoa
wcschr
wcslen
wcscpy
_wcslwr
wcscat

msvcrt

free
vfwprintf
vswprintf
fwprintf
_wcsdup
_c_exit
_exit
_XcptFilter
_cexit
exit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3
wprintf
printf
setlocale
malloc
fprintf
_iob
fflush

kernel32

WideCharToMultiByte
GetLastError
MultiByteToWideChar
GetACP
GetOEMCP
LocalFree
LocalAlloc
FreeLibrary
LoadLibraryW
SetLastError
WriteConsoleW
GetFileType
GetModuleHandleA
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetCommandLineW
VerifyVersionInfoW
FormatMessageW
GetModuleHandleW
GetStdHandle

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

040053c58d9dd917bdee8b0ffd030ef0

Headers

DLL Characteristics

File Characteristics

Imports

winsta

utildll

user32

ntdll

msvcrt

kernel32

Sections

.text Size: 13KB - Virtual size: 13KB

.data Size: 1024B - Virtual size: 19KB

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 13KB - Virtual size: 13KB

.data
Size: 1024B - Virtual size: 19KB

.rsrc
Size: 44KB - Virtual size: 44KB