a2003ac19ed17a8ba7b6fc936fcdc785e2d65240185a3beff91ae72fd617a144

Sharing

Copy URL

Twitter E-mail

General

Target

a2003ac19ed17a8ba7b6fc936fcdc785e2d65240185a3beff91ae72fd617a144
Size

412KB
MD5

16f437ff0bd1d9028c2b2044008e4889
SHA1

d1e6981e817e7d1c132d680b393877889580e0dd
SHA256

a2003ac19ed17a8ba7b6fc936fcdc785e2d65240185a3beff91ae72fd617a144
SHA512

9fd2d2a2b11d6e8e8c60be7077ddb7714603438355bd04e0286c18f7911098f1d4905abf40796ec44d495ab2855bbf69102373469cbfdaa770d7a21610c08b0f
SSDEEP

12288:FloNqpl15RBO+FAeFZI0rr2XSqoWkUjioqiZ:Fhd7xZruCqopc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2003ac19ed17a8ba7b6fc936fcdc785e2d65240185a3beff91ae72fd617a144

Files

a2003ac19ed17a8ba7b6fc936fcdc785e2d65240185a3beff91ae72fd617a144
.exe windows x86

053db4cf2f9b197b47d4868b93061ea6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleRun
CoCreateInstance
CoUninitialize

oleaut32

GetErrorInfo
SysAllocString
VariantClear
SysFreeString

kernel32

HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoW
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapCreate
IsValidLocale
InterlockedDecrement
FormatMessageW
lstrlenW
LocalAlloc
LocalFree
GetLastError
FindClose
DeleteFileW
WideCharToMultiByte
MultiByteToWideChar
SetFileAttributesW
CreateFileA
GetFileSize
SetFilePointer
GetModuleHandleExA
SystemTimeToFileTime
WriteFile
InitializeCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
CreateDirectoryA
FindFirstFileA
EnterCriticalSection
GetLocalTime
GetModuleFileNameA
FindNextFileA
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
CloseHandle
GetCurrentProcess
ReadFile
GetFileType
FileTimeToDosDateTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
GetSystemTime
SetFileAttributesA
FindFirstFileW
CompareFileTime
WaitForSingleObject
CopyFileW
FindNextFileW
FileTimeToLocalFileTime
CreateMutexA
ReleaseMutex
GetFileAttributesW
CreateFileW
RemoveDirectoryW
GetModuleFileNameW
GetCurrentDirectoryW
TlsGetValue
TlsSetValue
TlsAlloc
SetEnvironmentVariableA
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
EncodePointer
DecodePointer
Sleep
GetLocaleInfoW
GetStringTypeW
GetConsoleCP
GetConsoleMode
LoadLibraryW
SetStdHandle
WriteConsoleW
FlushFileBuffers
DeleteFileA
TlsFree
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetLastError
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
GetModuleHandleW
GetProcAddress
HeapSize
IsProcessorFeaturePresent
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CompareStringW
GetDateFormatA
GetTimeFormatA
LCMapStringW
RtlUnwind
RaiseException
GetCPInfo
HeapFree
HeapAlloc
GetFileAttributesA
GetCommandLineA
HeapSetInformation

shell32

SHCreateDirectoryExW
ShellExecuteExW

shlwapi

PathIsDirectoryW

wininet

InternetOpenW
InternetFindNextFileW
InternetGetLastResponseInfoA
InternetConnectW
FtpCreateDirectoryW
InternetSetOptionW
FtpSetCurrentDirectoryW
InternetGetLastResponseInfoW
InternetCloseHandle
FtpPutFileW
FtpFindFirstFileW

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

053db4cf2f9b197b47d4868b93061ea6

Headers

DLL Characteristics

File Characteristics

Imports

ole32

oleaut32

kernel32

shell32

shlwapi

wininet

Sections

.text Size: 252KB - Virtual size: 251KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 84KB - Virtual size: 88KB

.text
Size: 252KB - Virtual size: 251KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 84KB - Virtual size: 88KB