2faa6f167dde7bfa00925b6c9b49cb05

Sharing

Copy URL

Twitter E-mail

General

Target

2faa6f167dde7bfa00925b6c9b49cb05
Size

665KB
MD5

2faa6f167dde7bfa00925b6c9b49cb05
SHA1

d48cd81b4d3d7e3e952cc8fb28f42aeeb577d7eb
SHA256

e111bd809eb5d9386622039a520ea0193a4f6d3156d99fe667a4aedb7638b578
SHA512

9c5800e514d88a60f84b13f0da5cdfa42b08770181a88e43e26b4e75cce02586bd0375c14be111c934d2e11641ec22612ac1f204779bb7fc22cc3046c53b7b96
SSDEEP

12288:bxqoG1iemnpguHbuIIKG2LFiLtlW5B6JYSaHwmHa6a4mW:bxNtemnp7BIKJiLa5BCO/66a4mW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2faa6f167dde7bfa00925b6c9b49cb05

Files

2faa6f167dde7bfa00925b6c9b49cb05
.exe windows:4 windows x86 arch:x86

8fac99e8f4a0c65d3e6cb55720e8b5df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueA
RegQueryValueExW

user32

SetWindowsHookExW
SetCursorPos
GetWindowLongW
DestroyAcceleratorTable
DefWindowProcW
GetClientRect
BeginPaint
FillRect
LoadAcceleratorsW
SystemParametersInfoW
GetSystemMetrics
SetWindowLongW
SetWindowRgn
MessageBeep
GetUpdateRect
TranslateMessage
SendMessageW
VkKeyScanW
DrawTextW
AdjustWindowRectEx
SetParent
HideCaret
IsClipboardFormatAvailable
PeekMessageW
SetWindowTextW
GetWindow
KillTimer
CloseClipboard
GetMessagePos
CallNextHookEx
GetWindowTextLengthW
EnumDisplaySettingsW
GetFocus
InsertMenuW
CreateDialogParamW
OpenClipboard
RedrawWindow
GetCapture
EmptyClipboard
GetMenuState
ChangeDisplaySettingsW
IsWindowVisible

kernel32

InterlockedDecrement
InterlockedIncrement
HeapReAlloc
GetOEMCP
VirtualAlloc
HeapAlloc
GetCPInfo
GetACP
LCMapStringA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetStringTypeA
LCMapStringW
GetStringTypeW
SetLastError
TlsAlloc
GetStartupInfoA
GetCurrentThreadId
TlsSetValue
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
GetFileType
HeapDestroy
GetEnvironmentVariableA
GetVersionExA
GetLastError
TlsGetValue
GetModuleHandleA
RtlUnwind
HeapFree
HeapCreate
VirtualFree
EnterCriticalSection
WriteFile
LeaveCriticalSection
GetModuleFileNameA
GetCurrentProcess
UnhandledExceptionFilter
GetVersion
GetCommandLineA
ExitProcess
TerminateProcess
CreateThread
InitializeCriticalSection
CreateFileW
UnmapViewOfFile
MapViewOfFile
CloseHandle

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 577KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fac99e8f4a0c65d3e6cb55720e8b5df

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 577KB

.tls Size: 4KB - Virtual size: 12B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 577KB

.tls
Size: 4KB - Virtual size: 12B

.rsrc
Size: 4KB - Virtual size: 1KB