000aa630eb791fc1ddbc944eb2bd4208

Sharing

Copy URL

Twitter E-mail

General

Target

000aa630eb791fc1ddbc944eb2bd4208
Size

242KB
MD5

000aa630eb791fc1ddbc944eb2bd4208
SHA1

ddc222240992c517e0740acf15e6c196b59fd167
SHA256

f01bd0c4094a88af679b68f4479d2e0f70b78a5f21559e442ee49bc7687fd6bd
SHA512

a127ef48df9fa91981062ff0dc550134c997b19f25a3fc62491a2027e042d1cbfdf912664bf7e4d260a0716ee427d855cbb91fb64208650e830552963cd5723f
SSDEEP

3072:yicL83HebjfBESfwMEoyQ58P7tFKDHOeqHHllSJX9Xk6T:tX3+bjzfMqg7GDueqHHllGNn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
000aa630eb791fc1ddbc944eb2bd4208

Files

000aa630eb791fc1ddbc944eb2bd4208
.exe windows:4 windows x86 arch:x86

240f2a2cf0a0cefe9ea67251aee64bfe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetStdHandle
GetStringTypeW
IsValidLocale
GetProcAddress
GetTimeFormatA
HeapReAlloc
LCMapStringW
VirtualQueryEx
GetFileType
GetCurrentProcessId
MultiByteToWideChar
GetDiskFreeSpaceExA
EnumSystemLocalesA
SetConsoleCtrlHandler
Sleep
GetTimeZoneInformation
WritePrivateProfileStringW
SetEnvironmentVariableA
TlsAlloc
GetCPInfo
SetLastError
GetCommandLineA
GetOEMCP
GetVersionExA
MoveFileExA
GetEnvironmentStrings
WriteConsoleInputW
WriteFile
ExitProcess
GetTickCount
RtlZeroMemory
LeaveCriticalSection
HeapFree
CompareStringA
GetModuleFileNameA
GetLocaleInfoW
LoadLibraryA
QueryPerformanceCounter
SetTimeZoneInformation
VirtualAlloc
SetThreadIdealProcessor
HeapDestroy
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
UnhandledExceptionFilter
CompareStringW
FreeEnvironmentStringsW
GetCurrentThread
InterlockedIncrement
SetHandleCount
GetStringTypeA
GetCurrentDirectoryA
GetSystemTimeAsFileTime
DeleteCriticalSection
LoadLibraryExW
FreeLibrary
EnterCriticalSection
GetACP
FreeEnvironmentStringsA
IsValidCodePage
HeapCreate
TlsSetValue
OpenSemaphoreA
GetCommandLineW
IsDebuggerPresent
VirtualFree
GetStartupInfoW
LCMapStringA
GetDateFormatA
GetWindowsDirectoryA
InterlockedExchange
GetLastError
TlsGetValue
WriteConsoleW
HeapSize
FileTimeToSystemTime
WriteConsoleInputA
GetUserDefaultLCID
GetStartupInfoA
HeapAlloc
InterlockedDecrement
TlsFree
GetPrivateProfileStructW
GetProcessHeap
VirtualQuery
GetModuleHandleA
InitializeCriticalSection
GetEnvironmentStringsW
GetModuleFileNameW
RtlUnwind
lstrlen
WideCharToMultiByte
FindClose

gdi32

IntersectClipRect
LPtoDP
PolyBezier
GetOutlineTextMetricsA
GetROP2
ExtSelectClipRgn
GetDeviceCaps
GetFontLanguageInfo
CreateFontA
CreateICW
GetObjectType
RemoveFontResourceW
ChoosePixelFormat
GetKerningPairsW
ModifyWorldTransform
SelectClipPath
EnumFontsW
GetTextExtentExPointW
StrokeAndFillPath
FlattenPath
SetArcDirection
PlgBlt

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

240f2a2cf0a0cefe9ea67251aee64bfe

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 113KB - Virtual size: 113KB

.data Size: 113KB - Virtual size: 140KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 113KB - Virtual size: 113KB

.data
Size: 113KB - Virtual size: 140KB

.rsrc
Size: 14KB - Virtual size: 14KB