2a997f4916f08cf0a9574da4ab8a67b2

Sharing

Copy URL

Twitter E-mail

General

Target

2a997f4916f08cf0a9574da4ab8a67b2
Size

526KB
MD5

2a997f4916f08cf0a9574da4ab8a67b2
SHA1

16fa3fac80e5ac755c882a3425069fec582ea7b5
SHA256

e3f377e794a1d3006bd62170239dff862f92c2ba6a3e847ef61336ea27570e44
SHA512

86b5fe9aaa70711983f662361b50c766bf59f6c8a9eb5b4a0737e5e8e7a844f74b61dad8532e893a818b6defb98c0cb66eda3abc2d20c3d405213288c3d011b2
SSDEEP

12288:6TKkGJw/PDyla3LwKq7szCblZSfpdoD0PXLOFptorU3XThQUH6:cKk9lq7X5ZSfrfx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a997f4916f08cf0a9574da4ab8a67b2

Files

2a997f4916f08cf0a9574da4ab8a67b2
.exe windows:5 windows x86 arch:x86

929707d6b504bc127e779213a643020c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextColor
CreateCompatibleDC
SelectObject
GetDeviceCaps
DeleteDC
CreateSolidBrush

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString
VariantClear

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize

kernel32

VirtualAlloc
FindResourceA
Sleep
VirtualFree
WriteFile
UnmapViewOfFile
CreateProcessA
SizeofResource
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
RemoveDirectoryA
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
HeapCreate
LCMapStringW
GetLastError
InterlockedIncrement
ExitProcess
GetFileType
CreateEventA
CreateFileW
CreateFileMappingA
CompareStringA
lstrcpyA
FindFirstFileA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
SetErrorMode
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
FreeLibrary
LoadLibraryA
GetVersionExA
TlsAlloc
IsBadWritePtr
GetTickCount
QueryPerformanceCounter
GetOEMCP
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
SetEndOfFile
GetConsoleMode
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
TlsSetValue
CreateThread
GetModuleHandleA
GetLocalTime
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
InterlockedDecrement
LoadResource
InitializeCriticalSection
GetExitCodeProcess
LocalFree
SetEvent
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
lstrcmpiA
WideCharToMultiByte
SetStdHandle
GetLocaleInfoW
CreateFileA
LocalAlloc
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
FreeEnvironmentStringsW
RtlUnwind

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

user32

SetWindowPos
PostQuitMessage
SetWindowTextA
DispatchMessageA
SetCursor
ReleaseDC
CallWindowProcA
SendMessageA
InvalidateRect
GetFocus
IsWindowVisible
GetSysColor
MessageBoxA
SetForegroundWindow
FillRect
TrackPopupMenu
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
CreateWindowExA
GetSubMenu
CheckMenuItem
EndDialog
SetWindowLongA
PostMessageA
GetWindowRect
GetSystemMetrics
DefWindowProcA
SetFocus
EndPaint
SetTimer
GetWindowLongA
RegisterClassA
EnableMenuItem
LoadStringA
IsWindowEnabled
TranslateMessage
EnableWindow
ShowWindow
UpdateWindow
GetParent
DestroyWindow
GetClientRect
GetCursorPos
GetDC
PeekMessageA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 466KB - Virtual size: 466KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

929707d6b504bc127e779213a643020c

Headers

File Characteristics

Imports

gdi32

oleaut32

ole32

kernel32

advapi32

user32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 466KB - Virtual size: 466KB

.data Size: 37KB - Virtual size: 39KB

.rsrc Size: 1024B - Virtual size: 704B

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 466KB - Virtual size: 466KB

.data
Size: 37KB - Virtual size: 39KB

.rsrc
Size: 1024B - Virtual size: 704B