01a2b37b15801bd11c1287f32cfa969c

Sharing

Copy URL Twitter E-mail

General

Target

01a2b37b15801bd11c1287f32cfa969c
Size

7.2MB
MD5

01a2b37b15801bd11c1287f32cfa969c
SHA1

518d4535e4f2f8aa488a687ad9fd3eff19e8dc81
SHA256

955251d278502716878cd25c8cd1611f20f82ce2c55900781ca0116cf2f862fe
SHA512

50f8017e1d34c0152e160c2df7328ea1d20458bef81e41722eadab170199d53f79e3e4735de6180a9a9f2f0f4fd9f08a8c93438adf6d9c21b7f309ddde410218
SSDEEP

196608:SQFxUYWciki5radyFyQNRIh4mdzQOtPnp:SBYvjYWyBIO0EOtf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01a2b37b15801bd11c1287f32cfa969c

Files

01a2b37b15801bd11c1287f32cfa969c
.dll windows:5 windows x86 arch:x86

a88ea1cc029f44dfcece1163fd58f5ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
GetErrorInfo
SafeArrayPtrOfIndex

advapi32

RegQueryValueExW
RegUnLoadKeyW

user32

MessageBoxA
SetClassLongW
EnumDisplayMonitors
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

kernel32

GetVersion
GetProcAddress
GetVersionExW
GetVersion
Sleep
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

msimg32

GradientFill

gdi32

UnrealizeObject

version

VerQueryValueW

ole32

OleUninitialize

comctl32

InitializeFlatSB

shell32

Shell_NotifyIconW

winspool.drv

OpenPrinterW
GetDefaultPrinterW

wtsapi32

WTSSendMessageW

Exports

Exports

GetProperty
NeuroCompute
NeuroFree
NeuroInit
NeuroLoad
NeuroPattern
NeuroRegister
NeuroSave
NeuroUnRegister
SetProperty

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a88ea1cc029f44dfcece1163fd58f5ae

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

msimg32

gdi32

version

ole32

comctl32

shell32

winspool.drv

wtsapi32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.itext Size: 7KB - Virtual size: 6KB

.data Size: 33KB - Virtual size: 33KB

.bss Size: - Virtual size: 21KB

.idata Size: 14KB - Virtual size: 13KB

.didata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 274B

.vmp0 Size: 2.9MB - Virtual size: 2.9MB

.vmp1 Size: 2.2MB - Virtual size: 2.2MB

.reloc Size: 168KB - Virtual size: 167KB

.rsrc Size: 51KB - Virtual size: 50KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.itext
Size: 7KB - Virtual size: 6KB

.data
Size: 33KB - Virtual size: 33KB

.bss
Size: - Virtual size: 21KB

.idata
Size: 14KB - Virtual size: 13KB

.didata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 274B

.vmp0
Size: 2.9MB - Virtual size: 2.9MB

.vmp1
Size: 2.2MB - Virtual size: 2.2MB

.reloc
Size: 168KB - Virtual size: 167KB

.rsrc
Size: 51KB - Virtual size: 50KB