189a286d906a5ac797ed9efc40207e4b6c2925d9892040ac2ee73121bd113a1d

General

Target

189a286d906a5ac797ed9efc40207e4b6c2925d9892040ac2ee73121bd113a1d
Size

102KB
MD5

1eefbe88c0f2df517fbd81b205d09638
SHA1

3da0b37898b8fb6224c8014ed0264869811f7f23
SHA256

189a286d906a5ac797ed9efc40207e4b6c2925d9892040ac2ee73121bd113a1d
SHA512

8c7b7f577df0faeb813d52d2b2ecc91b5dfcdf15e711d205b3c6f96d35a6a44c0cf58d296c911778f4fb71de7dfcf6a2d3d6aef2c5f9aa47a94c6c9b4d61f3d0
SSDEEP

1536:jaK6bf0T8qoMfHjVM5/7IKrRrI9FL/tFOdEJRFhJmlJlrkisBzB0Yaw:uz0Qqxxe/7xtgRVJJRXk3lonrp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
189a286d906a5ac797ed9efc40207e4b6c2925d9892040ac2ee73121bd113a1d

Files

189a286d906a5ac797ed9efc40207e4b6c2925d9892040ac2ee73121bd113a1d
.exe windows:4 windows x86 arch:x86

4861ec1315cd005040ddeea96050e05e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegSetValueExA

comctl32

InitCommonControls

kernel32

CloseHandle
CreateSemaphoreA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
GetCommandLineA
GetCurrentProcess
GetEnvironmentVariableA
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetTempFileNameA
GetTempPathA
GetVersionExA
GetWindowsDirectoryA
LoadLibraryA
MoveFileExA
RemoveDirectoryA
SetCurrentDirectoryA
SetUnhandledExceptionFilter
Sleep

msvcrt

__getmainargs
__p__environ
__set_app_type
_cexit
_fileno
_fmode
_fpreset
_iob
_mkdir
_rmdir
_setmode
atexit
fclose
fgets
fgetws
fopen
rand
signal
sprintf
srand
strchr
strcpy
time
wcscat
wcscpy
wcslen
wcsncmp

user32

ExitWindowsEx
MessageBoxW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4861ec1315cd005040ddeea96050e05e

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

msvcrt

user32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 40B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 77KB - Virtual size: 80KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 40B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 77KB - Virtual size: 80KB