04a5a7b2f6859ac12cd2767c1896b305

Sharing

Copy URL Twitter E-mail

General

Target

04a5a7b2f6859ac12cd2767c1896b305
Size

281KB
MD5

04a5a7b2f6859ac12cd2767c1896b305
SHA1

7cc0a061845e73f89b320d7c6fa2b68b9841b473
SHA256

fec6fefcf2dfdd254eb68ed1dea3ac3eac0986d87cea6abd197db88bcd6b7313
SHA512

b0a7f80c12ff279816078d7107f04102f17bc919e1ae75cd71dd8b9725a6d97cb1964f4c9e0f2d2f27c6cee616930bfb81f6a4ce6f21f1c0db8532b20a7a8aac
SSDEEP

6144:5LoEHK+oLVf3ljvt50Y+Ar5BQFgB+LQ4yffFtiEG3p9:57eLVf3ljV5L0gs84iNtih

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04a5a7b2f6859ac12cd2767c1896b305

Files

04a5a7b2f6859ac12cd2767c1896b305
.exe windows:4 windows x86 arch:x86

49803595529c6abd96d8f939e41d80f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
GetStringTypeW
GetDiskFreeSpaceW
GlobalLock
GetModuleHandleW
EnumTimeFormatsA
HeapAlloc
LoadLibraryA
TlsFree
MultiByteToWideChar
UnhandledExceptionFilter
CreateWaitableTimerA
EnumDateFormatsExW
EnumSystemLocalesA
Sleep
TlsAlloc
DeleteCriticalSection
GetStartupInfoW
GetStdHandle
FindNextFileW
SetLastError
GetCPInfo
GetStringTypeA
GetDateFormatA
RtlMoveMemory
HeapCreate
TlsSetValue
GetStartupInfoA
GetProcAddress
IsDebuggerPresent
GetOEMCP
WriteFile
GetFileAttributesW
GetACP
lstrcat
HeapDestroy
VirtualQuery
LeaveCriticalSection
WideCharToMultiByte
SetEnvironmentVariableA
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
TlsGetValue
GetModuleFileNameW
HeapReAlloc
LCMapStringW
ExitProcess
GetUserDefaultLCID
GetCommandLineW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsValidCodePage
GetModuleHandleA
GetLastError
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
SetHandleCount
VirtualFree
FreeLibrary
GetLocaleInfoA
GetCurrentProcessId
GetModuleFileNameA
IsValidLocale
FreeEnvironmentStringsW
SetLocaleInfoA
GetTickCount
GetTimeZoneInformation
CompareStringA
GetFileType
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
RtlUnwind
GetEnvironmentStringsW
GetSystemTimeAsFileTime
InterlockedExchange
LCMapStringA
GetProfileStringA
GetCurrentThread
GetLocaleInfoW
FindResourceA
GetTimeFormatA
HeapSize
HeapFree

user32

CreateMDIWindowW
UnionRect
IsChild
DefWindowProcA
GetDoubleClickTime
GetTopWindow
DrawFrameControl
SetWindowsHookA

advapi32

RegCreateKeyExW
CreateServiceW
LookupSecurityDescriptorPartsW
DuplicateToken
RegCreateKeyA
CryptEnumProviderTypesA
CryptEnumProviderTypesW
RegQueryMultipleValuesW
InitiateSystemShutdownA
ReportEventA
RegEnumValueA
CryptSetProviderExW
CryptHashData
RegEnumKeyExA
CryptDeriveKey
RegFlushKey

shell32

DragQueryFileA
ShellAboutW
ExtractIconW
SHGetDesktopFolder

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49803595529c6abd96d8f939e41d80f7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 133KB - Virtual size: 133KB

.data Size: 139KB - Virtual size: 169KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 133KB - Virtual size: 133KB

.data
Size: 139KB - Virtual size: 169KB

.rsrc
Size: 7KB - Virtual size: 6KB