a65d318854d8418f9e6d2c8618dc87bf4b61a1a7b481990a99224f700fb92064

General

Target

a65d318854d8418f9e6d2c8618dc87bf4b61a1a7b481990a99224f700fb92064
Size

102KB
MD5

b005b29a2552b2399dc59e9042bdd03e
SHA1

556f642e5b835a318faa1c134a1df9baa182b45e
SHA256

a65d318854d8418f9e6d2c8618dc87bf4b61a1a7b481990a99224f700fb92064
SHA512

5842656ef8f20d42932b533b953b6ebdab550b5fe535a9998c012bee4ff4adf4e13a94712cab619856a1c328fb9892b66cb9548935ee281b7afb5280c0cde439
SSDEEP

1536:94EZST99cWATN2s+zheW6BVrqzCJ3bdDY+W14N4NmzWlIA7hKRQtA+:97Znn2lQBV+UdE+rECWp7hKMA+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
a65d318854d8418f9e6d2c8618dc87bf4b61a1a7b481990a99224f700fb92064

Files

a65d318854d8418f9e6d2c8618dc87bf4b61a1a7b481990a99224f700fb92064
.dll windows:4 windows x86 arch:x86

ab84cab4c67784aafb113ac334fcac81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
CloseHandle
SetLastError
DeviceIoControl
ResetEvent
WaitForSingleObject
SetEvent
GetTickCount
GetVersion
CreateThread
CreateEventA
CreateFileA
Sleep
CreateProcessA
GetCurrentProcessId
FatalExit
OutputDebugStringA
GetCommandLineA
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
GetLastError
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
DisableThreadLibraryCalls
WriteFile
SetFilePointer
HeapFree
HeapAlloc
VirtualAlloc
LoadLibraryA
SetStdHandle
FlushFileBuffers

Exports

Exports

GETLASTKEYERROR
KEYBD
KFUNC
ND16
RL16
XR16
_GETLASTKEYERROR@0
_KEYBD@4
_KFUNC@16
_ND16@8
_RL16@8
_XR16@8

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab84cab4c67784aafb113ac334fcac81

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 9KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB