2e4042f5640d1b384aa24576eed51da1

Sharing

Copy URL Twitter E-mail

General

Target

2e4042f5640d1b384aa24576eed51da1
Size

185KB
MD5

2e4042f5640d1b384aa24576eed51da1
SHA1

4457ad289577f39ed2f6cb5fa06cbdd75f2facdd
SHA256

f0226a1b48cc5e25a003d778ec8ba0e234d2aa6a21ae8aefe40b675dd003a7b2
SHA512

c93804e6959279d1a3da92b72cd32782bc9a3e74c6bd4aae68c6428620d5b54ea270c0e4c7910831e6f915b079084b04215d7a675893f951ecc9dc4549a8e076
SSDEEP

3072:3DJFQaX4YZzZOdazKeXXqbTeX+loZhTkaqGONEo43ukCIT88Yy:sqaaWeHqbTI+loZhT1Ouo436ITK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e4042f5640d1b384aa24576eed51da1

Files

2e4042f5640d1b384aa24576eed51da1
.exe windows:4 windows x86 arch:x86

a4fbadb67036989ffa09e1cf521a404e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegEnumValueA
RegQueryValueW
RegOpenKeyW
RegEnumKeyA
RegDeleteValueW
RegEnumKeyW
RegCreateKeyW
RegFlushKey
RegLoadKeyA
RegReplaceKeyW
RegDeleteKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryInfoKeyW
RegDeleteValueA
RegQueryValueExW
RegCreateKeyExA
RegEnumValueW
RegDeleteKeyA
RegReplaceKeyW
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueA
RegOpenKeyA
RegLoadKeyA
RegLoadKeyW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyA
RegCreateKeyExW
RegQueryInfoKeyA
RegReplaceKeyA
RegLoadKeyW
RegOpenKeyW
RegFlushKey
RegQueryValueExW
RegEnumKeyW
RegDeleteValueW
RegOpenKeyExA
RegGetKeySecurity
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueA
RegEnumKeyExA
RegCreateKeyW
RegQueryValueW
RegQueryValueExA
RegDeleteKeyA

kernel32

DeleteFileW
GetConsoleMode
GetConsoleCP
DeleteFileA
GetVersion
ExitThread
GetLastError
FindFirstFileA
GetProcessHeap
GetLastError
DeleteAtom
ExitProcess
CreateDirectoryA
GetConsoleOutputCP
GetCommandLineA
GetFileSize
GetFileTime
GetCommandLineA
OpenFile
ExitThread
ExitProcess
GetLastError
GetProcessHeap
CreateDirectoryA
GetLastError
CreateThread
GetCPInfo
GetFileTime
GetComputerNameA
GetVersion
FindFirstFileA
DeleteFileW
Sleep
DeleteFileA
GetCommandLineA
CreateProcessA
GetConsoleCP
FindFirstFileA
GetComputerNameA
GetConsoleMode
FindAtomA
GetFileTime
DeleteFileA
GetACP
DeleteAtom
GetStdHandle
ExitThread
CreateThread
GetConsoleOutputCP
GetOEMCP
CreateDirectoryA
Sleep
GetConsoleCP
DeleteFileW
CreateProcessA
GetLastError
ExitThread
GetConsoleMode
FindFirstFileA
GetOEMCP
GetComputerNameA
DeleteAtom
GetVersion
GetStdHandle
OpenFile
CreateDirectoryA
Sleep
DeleteFileA
GetACP
GetCommandLineA
ExitProcess
FindAtomA
GetFileSize
GetFileTime
GetStdHandle
DeleteAtom
GetConsoleMode
ExitProcess
CreateProcessA
DeleteFileW
GetProcessHeap
GlobalFree
GetCommandLineA
DeleteFileA
GetCommandLineA
CreateDirectoryA
GetLastError
ExitThread
GetConsoleOutputCP

user32

AlignRects
LoadMenuA
AppendMenuW
GetFocus
BlockInput
CalcMenuBar
GetWindowTextLengthA
DrawIconEx
GetDC
DialogBoxParamW
DialogBoxParamA
GetWindowTextA
AppendMenuA
InsertMenuA
GetMenu
CopyRect

Sections

.itext
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 145KB - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4fbadb67036989ffa09e1cf521a404e

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.itext Size: 28KB - Virtual size: 28KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 145KB - Virtual size: 453KB

.idata Size: 5KB - Virtual size: 4KB

.itext
Size: 28KB - Virtual size: 28KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 145KB - Virtual size: 453KB

.idata
Size: 5KB - Virtual size: 4KB