2ef4a406c5f01d306e442972c4688d88

Sharing

Copy URL Twitter E-mail

General

Target

2ef4a406c5f01d306e442972c4688d88
Size

512KB
MD5

2ef4a406c5f01d306e442972c4688d88
SHA1

3daf19a91bfca6f381ec654c07650d4078b8cd7f
SHA256

eb04c8a0c8e6385e3992966a9e940ef9783bc88c3cb285144e2bc4486850c062
SHA512

63c3f749241ad5b3f5ff513b009199b716a2c713a06551895b1b004a91343d4f1ff171028061cda709e10dc854266a60a3b41afd2391701f9072acd78d7f1895
SSDEEP

3072:hh6PQObNifeeDFbQHEcXjuI8yDK84lODjY1wqW:jYQWk6iwTX2wqW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ef4a406c5f01d306e442972c4688d88

Files

2ef4a406c5f01d306e442972c4688d88
.exe windows:4 windows x86 arch:x86

584122f6dd45aae985c3d9f74e2108f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegDeleteKeyA
RegCreateKeyExW
RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegLoadKeyW
RegDeleteKeyW
RegFlushKey
RegLoadKeyA
RegCreateKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumValueW
RegQueryValueExW
RegCreateKeyExA
RegReplaceKeyW
RegEnumKeyW
RegQueryInfoKeyA
RegReplaceKeyA
RegOpenKeyA
RegGetKeySecurity
RegQueryValueW
RegEnumKeyExA
RegOpenKeyExW
RegOpenKeyExA
RegOpenKeyW
RegQueryValueA
RegDeleteValueA
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueA
RegEnumValueW
RegQueryInfoKeyA
RegLoadKeyA
RegCreateKeyExW
RegDeleteKeyW
RegEnumValueA
RegQueryValueExA
RegLoadKeyW
RegOpenKeyW
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegFlushKey
RegQueryValueA
RegReplaceKeyA
RegReplaceKeyW
RegGetKeySecurity
RegOpenKeyA
RegCreateKeyW
RegQueryValueW
RegEnumKeyW
RegEnumKeyA
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyA
RegDeleteValueW

user32

LoadMenuA
DialogBoxParamA
DrawIconEx
IsMenu
DialogBoxParamW
DrawIcon
CloseWindow
GetWindowTextLengthA
CalcMenuBar
AppendMenuW
CopyIcon
EndDialog
CopyRect
GetFocus
GetMenu
DrawTextW
AlignRects
LoadCursorA
GetCursor
CopyImage
AppendMenuA
CreateIcon
InsertMenuA
IsWindow
GetWindowTextA
DrawTextA
BlockInput
GetDC
GetDlgItem

kernel32

CloseHandle
lstrcmpiA
CloseHandle
GetFileSize
CloseHandle
GetCPInfo
CloseHandle
GetCommandLineA
CloseHandle
GetModuleFileNameA
CloseHandle
GetStringTypeA
CloseHandle
lstrcatA
CloseHandle
HeapFree
CloseHandle
GetLastError

Sections

.t4xt
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e9a8a
Size: 10KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.id75a
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

584122f6dd45aae985c3d9f74e2108f4

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.t4xt Size: 22KB - Virtual size: 22KB

.rdata Size: 101KB - Virtual size: 101KB

.e9a8a Size: 10KB - Virtual size: 86KB

.id75a Size: 9KB - Virtual size: 8KB

.t4xt
Size: 22KB - Virtual size: 22KB

.rdata
Size: 101KB - Virtual size: 101KB

.e9a8a
Size: 10KB - Virtual size: 86KB

.id75a
Size: 9KB - Virtual size: 8KB