5a22c5cabf2121ee4cde0773770bf453b403c1dff811395fece7312a4a3a2b89N

General

Target

5a22c5cabf2121ee4cde0773770bf453b403c1dff811395fece7312a4a3a2b89N
Size

14KB
MD5

1f3f8fad926270e5d1e787e3ed62eec0
SHA1

e4fee117fa605cddd9681df5e0842aae3e2d4418
SHA256

5a22c5cabf2121ee4cde0773770bf453b403c1dff811395fece7312a4a3a2b89
SHA512

ecf489c5aeeda2be1630d6ce3b7feaf57c4c3492577fbadb2d2fee0d7269f16dfbed2b22ca3e984dafb45aeb0c38b434321de8583a7d6fe1d76172f61927051d
SSDEEP

192:seFhLPAykfi/dhKZnZyOsC7YG8/zo/A8twvBK8wvVaojgpUZP:sejLoykfIK+0YT/82vU7vVGWP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a22c5cabf2121ee4cde0773770bf453b403c1dff811395fece7312a4a3a2b89N

Files

5a22c5cabf2121ee4cde0773770bf453b403c1dff811395fece7312a4a3a2b89N
.exe windows:4 windows x86 arch:x86

97f2abb3303efa01f515cdb940bac576

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
SetStdHandle
VirtualProtect
ExitProcess
DeleteCriticalSection
GetVersion
FindClose
FindResourceA
CreateEventW
GetFullPathNameA
GetModuleHandleW
LoadLibraryExW
InterlockedCompareExchange
GetACP
SizeofResource
InterlockedIncrement
LocalReAlloc
WriteFile
GetProcessHeap
SetErrorMode
OutputDebugStringA
GetModuleHandleA
SetConsoleCP
VirtualFree
GetCurrentProcess
GetOEMCP
GetCommandLineW
HeapFree
GetCurrentProcessId
GetFileType
GetStartupInfoA
MulDiv
TerminateProcess
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapAlloc
FindFirstFileA
LoadLibraryA
LoadLibraryExA
GetShortPathNameA

user32

FillRect
CallWindowProcW
GetFocus
GetWindowPlacement
EndPaint
SetRect
RegisterClassW
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetScrollPos
PostThreadMessageW
UnregisterClassA
IsWindow

lz32

LZDone

gdi32

SetStretchBltMode
GetDeviceCaps
SetTextColor

msvcrt

memset
_stricmp
memcpy

ole32

CoMarshalHresult

advapi32

RegQueryInfoKeyW
RegQueryValueExA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97f2abb3303efa01f515cdb940bac576

Headers

File Characteristics

Imports

kernel32

user32

lz32

gdi32

msvcrt

ole32

advapi32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 5KB - Virtual size: 20KB

.idata Size: - Virtual size: 110KB

.reloc Size: 512B - Virtual size: 272B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 5KB - Virtual size: 20KB

.idata
Size: - Virtual size: 110KB

.reloc
Size: 512B - Virtual size: 272B