1501124660ca2a31961bc7832cb87b368808ec7842d258bf832a10f5712da6d4

General

Target

1501124660ca2a31961bc7832cb87b368808ec7842d258bf832a10f5712da6d4
Size

279KB
MD5

21c4ba25a8f864c157c65820dd167d93
SHA1

479261e53a92b062103c12b554928245abd99b2d
SHA256

1501124660ca2a31961bc7832cb87b368808ec7842d258bf832a10f5712da6d4
SHA512

6e1a3ea20edcc8062db11587e5c286e1c45ce7517c55e5d6ce86b98dcc3fec1039855f2a389fadb66daef44cbd6d44db1a571631986d0fcb940b97aabf9c96ec
SSDEEP

6144:nzZ5e/V3WApRICD4pz+ZoIQB9SkZsBt1QbVHyN:njQVlRIoZMB9SkJVe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1501124660ca2a31961bc7832cb87b368808ec7842d258bf832a10f5712da6d4

Files

1501124660ca2a31961bc7832cb87b368808ec7842d258bf832a10f5712da6d4
.exe windows:5 windows x86 arch:x86

0aa79017272eecfd2c159f579ee5427f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

untfs

FormatEx
Format
Chkdsk
Recover
Extend

shell32

SHCreateShellItem
ShellMessageBoxA
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetFileInfoA
DragQueryPoint
SHGetDiskFreeSpaceA
StrChrA
SHChangeNotify

certcli

CAEnumFirstCA
CACloseCertType
CADeleteCA
CAEnumNextCA
CACloseCA

kernel32

LoadLibraryA
CloseHandle
GetProcAddress
CreateFileW
CreateMailslotW
SetCurrentDirectoryA
GetConsoleTitleW
TlsGetValue
RemoveDirectoryW
OpenSemaphoreW
LoadLibraryExW
GetGeoInfoA
SetEvent
CreateSemaphoreW
CreateFileMappingW
CreateMutexA
FindFirstFileW
GetTempFileNameA
GetProfileIntA
WaitForSingleObject
AddAtomW
CopyFileA
CreateNamedPipeA
lstrlenA
LocalFileTimeToFileTime
IsBadReadPtr
GetPrivateProfileStringA
FormatMessageA
HeapCreate
GetVersionExA

Sections

.text
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: - Virtual size: 256B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0aa79017272eecfd2c159f579ee5427f

Headers

DLL Characteristics

File Characteristics

Imports

untfs

shell32

certcli

kernel32

Sections

.text Size: 258KB - Virtual size: 257KB

.adata Size: - Virtual size: 256B

.data Size: 14KB - Virtual size: 13KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 258KB - Virtual size: 257KB

.adata
Size: - Virtual size: 256B

.data
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 5KB - Virtual size: 5KB