04a8022c0bc7e3691d3621df99d2b2ab

Sharing

Copy URL Twitter E-mail

General

Target

04a8022c0bc7e3691d3621df99d2b2ab
Size

165KB
MD5

04a8022c0bc7e3691d3621df99d2b2ab
SHA1

07596adb5b238cf889770f2ee0a803ca6cfa5f0a
SHA256

e97d5739f81f3235df9d984a0ed008bb82706b4cf96794274269e6dcdaa19835
SHA512

ec944c1b1c7f814d1008468d74828e8a747c710199f083beaa04fd1b6f1fdc5aa06e7692ae68ef2d29fdb62853f070ba0fd5b1d61cb3c45c8c6c3046449e4da3
SSDEEP

3072:FIVq1YKwWwEJHd5/XMo1aKMesWb535cRmIfIM6sQuWC75QaOy802:FIcmjW+acyt35oTfQ9h08J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04a8022c0bc7e3691d3621df99d2b2ab

Files

04a8022c0bc7e3691d3621df99d2b2ab
.exe windows:4 windows x86 arch:x86

d3786f8e027ff8d12f7b89a045a41558

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

kernel32

TlsFree
FlushFileBuffers
SetLastError
WideCharToMultiByte
UnhandledExceptionFilter
GetModuleFileNameA
GetLocaleInfoW
WriteConsoleA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
LeaveCriticalSection
TlsGetValue
EnumSystemLocalesA
IsDebuggerPresent
RaiseException
GetThreadPriority
InterlockedIncrement
HeapCreate
GetCurrentDirectoryW
HeapFree
InterlockedDecrement
GetProcAddress
HeapSize
GetTickCount
MultiByteToWideChar
GetConsoleCP
CloseHandle
GetStartupInfoA
SetCommTimeouts
DeleteCriticalSection
GetStdHandle
VirtualFree
IsValidLocale
GetCPInfo
GetConsoleMode
GlobalAlloc
EnterCriticalSection
LoadLibraryA
GetModuleHandleA
GetCommandLineA
LCMapStringA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStrings
VirtualAlloc
SetUnhandledExceptionFilter
GetFullPathNameW
GetVersionExA
SetHandleCount
EnumResourceNamesA
GetStringTypeW
TlsAlloc
GetLocaleInfoA
GetCurrentThreadId
SetStdHandle
GetProcessHeap
CreateFileA
IsValidCodePage
Sleep
GetOEMCP
GetFileType
SetEndOfFile
QueryPerformanceCounter
GetStringTypeA
TerminateProcess
GetCurrentProcessId
SetFilePointer
WriteConsoleW
TlsSetValue
ExitProcess
HeapReAlloc
InitializeCriticalSection
GetCurrentProcess
GetEnvironmentStringsW
HeapDestroy
RtlUnwind
LCMapStringW
ReadFile
GetConsoleOutputCP
GetACP
GetLastError
ExitProcess
HeapAlloc
GetUserDefaultLCID
WriteFile
GetFullPathNameA

ole32

CoInitialize
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoUninitialize
CoSetProxyBlanket

shlwapi

SHDeleteKeyW

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3786f8e027ff8d12f7b89a045a41558

Headers

File Characteristics

Imports

shell32

kernel32

ole32

shlwapi

advapi32

user32

rpcrt4

Sections

.text Size: 135KB - Virtual size: 135KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 25KB - Virtual size: 24KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 135KB - Virtual size: 135KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 25KB - Virtual size: 24KB

.crt
Size: 512B - Virtual size: 72KB