2a0501ca82297e3e87c7458d6d9ae7f8af512b4acc05bbcb9aa7cab785a4c74e

Sharing

Copy URL Twitter E-mail

General

Target

2a0501ca82297e3e87c7458d6d9ae7f8af512b4acc05bbcb9aa7cab785a4c74e
Size

474KB
MD5

911457deb111ba0a0e467f89d1add215
SHA1

d2f1a3ce3d567f82d515d7a5eb3678b9825a7c98
SHA256

2a0501ca82297e3e87c7458d6d9ae7f8af512b4acc05bbcb9aa7cab785a4c74e
SHA512

d83f54123532ba959d87b0c9006a52dc9790edb3c0854f5485959a946fbc2a6dc894b0b702e6e3b7fbb934675d4be2963a9cf633e5dcbf3facabaef94b27501d
SSDEEP

6144:Hfxhn4xkoiYH/xC5s1Xf1DRy/o4j444444vOMC:HZol7f1DRy/tjOMC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a0501ca82297e3e87c7458d6d9ae7f8af512b4acc05bbcb9aa7cab785a4c74e

Files

2a0501ca82297e3e87c7458d6d9ae7f8af512b4acc05bbcb9aa7cab785a4c74e
.exe windows:6 windows x64

605526b460202f3e766202f911fa43e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

connectivity_plus_windows_plugin

ConnectivityPlusWindowsPluginRegisterWithRegistrar

flutter_secure_storage_windows_plugin

FlutterSecureStorageWindowsPluginRegisterWithRegistrar

sentry_flutter_plugin

SentryFlutterPluginRegisterWithRegistrar

system_tray_plugin

SystemTrayPluginRegisterWithRegistrar

url_launcher_windows_plugin

UrlLauncherWindowsRegisterWithRegistrar

window_size_plugin

WindowSizePluginRegisterWithRegistrar

flutter_windows

FlutterDesktopEngineProcessMessages
FlutterDesktopMessengerSetCallback
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSend
FlutterDesktopViewControllerHandleTopLevelWindowProc
FlutterDesktopViewControllerGetView
FlutterDesktopViewControllerDestroy
FlutterDesktopViewControllerCreate
FlutterDesktopEngineGetMessenger
FlutterDesktopEngineReloadSystemFonts
FlutterDesktopEngineGetPluginRegistrar
FlutterDesktopEngineDestroy
FlutterDesktopEngineCreate
FlutterDesktopGetDpiForMonitor
FlutterDesktopResyncOutputStreams
FlutterDesktopViewGetHWND

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
RtlVirtualUnwind
MultiByteToWideChar
Sleep
OutputDebugStringA
GetModuleFileNameW
CreateProcessW
CreateThread
TerminateProcess
WaitForSingleObject
CloseHandle
LoadLibraryA
GetProcAddress
GetModuleHandleW
FreeLibrary
IsDebuggerPresent
GetLastError
InitializeCriticalSectionEx
DeleteCriticalSection
ReleaseMutex
CreateMutexW
AttachConsole
GetCommandLineW
LocalFree
WideCharToMultiByte
AllocConsole
OutputDebugStringW

user32

AppendMenuW
TrackPopupMenu
DestroyMenu
PostMessageW
SetTimer
IsWindow
CreatePopupMenu
GetCursorPos
UnregisterClassW
ShowWindow
SendMessageW
GetMessageW
MonitorFromPoint
LoadIconW
LoadCursorW
SetParent
SetWindowLongPtrW
GetWindowLongPtrW
GetClientRect
SwitchToThisWindow
SetFocus
IsWindowVisible
SetWindowPos
MoveWindow
DestroyWindow
CreateWindowExW
RegisterClassW
PostQuitMessage
DefWindowProcW
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
TranslateMessage
FindWindowW
SetForegroundWindow
UpdateWindow

gdi32

GetStockObject

shell32

CommandLineToArgvW
Shell_NotifyIconW

ole32

CoInitializeEx
CoUninitialize

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?sync_with_stdio@ios_base@std@@SA_N_N@Z
_Query_perf_frequency
_Query_perf_counter
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

vcruntime140

_purecall
__std_exception_copy
__current_exception_context
__current_exception
__C_specific_handler
_CxxThrowException
memcmp
memset
memmove
memcpy
__std_terminate
__std_exception_destroy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initialize_wide_environment
_register_thread_local_exe_atexit_callback
_c_exit
_configure_wide_argv
_exit
_invalid_parameter_noinfo_noreturn
_invoke_watson
_initterm_e
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
exit
_register_onexit_function
_initialize_onexit_table
_initterm
_get_wide_winmain_command_line
terminate

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vsscanf
freopen_s
__p__commode
_dup2
_fileno
_set_fmode
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf_s

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh
_set_new_mode

api-ms-win-crt-string-l1-1-0

wcsncpy_s
wcscat_s
strpbrk

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

605526b460202f3e766202f911fa43e9

Headers

DLL Characteristics

File Characteristics

Imports

connectivity_plus_windows_plugin

flutter_secure_storage_windows_plugin

sentry_flutter_plugin

system_tray_plugin

url_launcher_windows_plugin

window_size_plugin

flutter_windows

kernel32

user32

gdi32

shell32

ole32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 116KB - Virtual size: 116KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 4KB - Virtual size: 5KB

.pdata Size: 7KB - Virtual size: 6KB

.rsrc Size: 308KB - Virtual size: 308KB

.reloc Size: 1024B - Virtual size: 592B

.text
Size: 116KB - Virtual size: 116KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 4KB - Virtual size: 5KB

.pdata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 308KB - Virtual size: 308KB

.reloc
Size: 1024B - Virtual size: 592B