2ac994a039f7bb707bc70b5b0b5f734f

Sharing

Copy URL Twitter E-mail

General

Target

2ac994a039f7bb707bc70b5b0b5f734f
Size

597KB
MD5

2ac994a039f7bb707bc70b5b0b5f734f
SHA1

edc31c42b673ef96ce5fd3721ce051ab38a021a7
SHA256

79c4fe7ad05c4b6dbe384b5dc3c9b4e470b7d4e97dd0dd9116b032b61148f583
SHA512

557f7dc34a9acf507c90070bf0b20f980efbbb6fbe9feaba37fed4512ac89b21336fd8f5b05c9e39cfd661273cc8e3f68cc9bd893fa2c2b3d9ef2fa9532c378c
SSDEEP

12288:Sl/8Qv3SXqbZwniXYxB16D08PVE93wuwe+tPfI7bZfyt2s:kPv3SXq9UiXYxv6ggE93fVp9yt2s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac994a039f7bb707bc70b5b0b5f734f

Files

2ac994a039f7bb707bc70b5b0b5f734f
.exe windows:5 windows x86 arch:x86

c53e08bb6beec713632928ff71fb4e4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfoExW
WriteConsoleInputW
ReadConsoleInputA
GetConsoleAliasA
SetCommTimeouts
InitializeSListHead
GetConsoleDisplayMode
CreateConsoleScreenBuffer
GetConsoleCP
VerifyVersionInfoW
WaitNamedPipeA
CreateMutexW
WriteConsoleA
SetLastError
CreateFileA
WritePrivateProfileSectionW
GetPrivateProfileSectionW
EnumDateFormatsExW
SetStdHandle
LoadLibraryW
RequestDeviceWakeup
FindFirstVolumeA
ReadFile
BuildCommDCBA
VerLanguageNameA
SetFileApisToANSI
WriteProcessMemory
ResetEvent
GetExitCodeThread
EndUpdateResourceA
GetCPInfo
UpdateResourceW
SetConsoleTitleW
SetFilePointer
CreateActCtxW
CopyFileW
AttachConsole
ReleaseActCtx
ReadConsoleOutputW
GetSystemWindowsDirectoryA
GetStringTypeW
BuildCommDCBAndTimeoutsA
HeapAlloc
FlushViewOfFile
GetAtomNameA
GlobalSize
HeapValidate
GetGeoInfoA
GetCurrentProcess
VirtualProtect
GetProcAddress
GetModuleHandleA
CreateThread
GetVersionExA
GetOEMCP
WaitForSingleObject
GetSystemPowerStatus
WriteConsoleOutputCharacterW
SetTimeZoneInformation
GetMailslotInfo
SetEnvironmentVariableA
GetFileAttributesExA
GetComputerNameW
CommConfigDialogA
GetConsoleWindow
GetDiskFreeSpaceW
CloseHandle
GetUserDefaultLangID
LeaveCriticalSection
GetLongPathNameW
GetConsoleAliasesLengthA
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetLastError
HeapFree
TerminateProcess
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
ExitProcess
WriteFile
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetACP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
LoadLibraryA
WideCharToMultiByte
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetConsoleOutputCP
WriteConsoleW

user32

GetAltTabInfoA

gdi32

GetCharWidth32A

advapi32

BackupEventLogA
AdjustTokenPrivileges

Sections

.text
Size: 482KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c53e08bb6beec713632928ff71fb4e4b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 482KB - Virtual size: 481KB

.data Size: 19KB - Virtual size: 4.4MB

.rsrc Size: 95KB - Virtual size: 94KB

.text
Size: 482KB - Virtual size: 481KB

.data
Size: 19KB - Virtual size: 4.4MB

.rsrc
Size: 95KB - Virtual size: 94KB