a23cfb53370de983d458a8a929084cdbe41846522d7576eee2069be5441ba08b

Sharing

Copy URL Twitter E-mail

General

Target

a23cfb53370de983d458a8a929084cdbe41846522d7576eee2069be5441ba08b
Size

95KB
MD5

0754b113ee7694e0a88705a01047288b
SHA1

51228c5c9f72d50a1531e1911fa2871cca1793f4
SHA256

a23cfb53370de983d458a8a929084cdbe41846522d7576eee2069be5441ba08b
SHA512

8df51ddf2fd68848f33b2ef979fe2e31f6d768b5a3a29846f66c46ac07e4f2a7b7aee7b5909a0a7974a2295f55bd2785f92c1ff3bad3f6b1a098bb34f945ac29
SSDEEP

1536:jan0R4yaiYU+hO1idunTpfl5opyqPl+ADc:jan/7iX+h0iABgyqNdc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a23cfb53370de983d458a8a929084cdbe41846522d7576eee2069be5441ba08b

Files

a23cfb53370de983d458a8a929084cdbe41846522d7576eee2069be5441ba08b
.exe windows:5 windows x64

224736d733a119d89fa4c2463ea7f892

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

LoadAcceleratorsA
KillTimer
IsIconic
IsDlgButtonChecked
InvalidateRgn
IntersectRect
GetMonitorInfoA
LoadCursorA
GetCursorInfo
GetWindowRect
GetWindowLongPtrA
GetSubMenu
GetMessageA
GetIconInfo
LoadIconA
LoadImageA
LoadMenuA
ClientToScreen
FillRect
TranslateMessage
TranslateAcceleratorA
TrackPopupMenu
SystemParametersInfoA
ShowWindow
SetWindowPos
SetWindowLongPtrA
SetTimer
SetProcessDefaultLayout
SetCapture
SendMessageA
SendDlgItemMessageA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterClassA
PostQuitMessage
PostMessageA
OffsetRect
MonitorFromRect
MessageBoxA
LoadStringA
GetGUIThreadInfo
GetDlgItem
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetCapture
EndPaint
EndDialog
DrawIcon
DispatchMessageA
DialogBoxParamA
DestroyWindow
DestroyMenu
DestroyIcon
DefWindowProcA
CreateWindowExA
CreateDialogParamA
BeginPaint

gdi32

SelectObject
GetStockObject
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
StretchBlt
BitBlt

comctl32

InitCommonControlsEx

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

SHAppBarMessage
Shell_NotifyIconA

msvcrt

_fpreset
__lconv_init
signal
_acmdln
__initenv
_initterm
atoi
_cexit
exit
__set_app_type
__getmainargs
_amsg_exit
__setusermatherr
malloc
strlen
memcpy
memset

kernel32

GetUserDefaultUILanguage
GetStartupInfoA
SetUnhandledExceptionFilter
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleHandleA
LoadLibraryW
GetProcAddress
DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
TlsGetValue
GetTickCount

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

224736d733a119d89fa4c2463ea7f892

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

comctl32

advapi32

shell32

msvcrt

kernel32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 420B

.rsrc Size: 72KB - Virtual size: 71KB

.reloc Size: 512B - Virtual size: 28B

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 420B

.rsrc
Size: 72KB - Virtual size: 71KB

.reloc
Size: 512B - Virtual size: 28B