10a32113c4000b2e48a6ef06a6d654a9

Sharing

Copy URL Twitter E-mail

General

Target

10a32113c4000b2e48a6ef06a6d654a9
Size

303KB
MD5

10a32113c4000b2e48a6ef06a6d654a9
SHA1

6710e610a80065cf2c9d02ac26d47089ab5bbf26
SHA256

7f162b583df4a6f96b841f1c6ce1b17fee8eb3e259a64a0c93e4b96fd398dec7
SHA512

ba195cab096c53ae88fa7dbd02faae28e3fab85f15c6c8c2407f16fddeac59d3cfa0e468d707899dd1f07e43ef2a7cc4dd72ab340ce0ff872a61ade63c6f94cc
SSDEEP

6144:9qUxQb0+8T/pRB8bJ6R0PQd9MP1NRz9S08q2js7gHqbkng74J:9a0+8XB8bJ6R0oX8N99Sk7gs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10a32113c4000b2e48a6ef06a6d654a9

Files

10a32113c4000b2e48a6ef06a6d654a9
.exe windows:4 windows x86 arch:x86

d1d9d877eca8a3b97fb9360cfe38bb3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperation
RealShellExecuteA
SHGetFileInfoA
DragAcceptFiles
SHEmptyRecycleBinA
SHGetNewLinkInfo
InternalExtractIconListW
ExtractAssociatedIconA
FindExecutableA
SHLoadInProc
CommandLineToArgvW
DoEnvironmentSubstW
SHFormatDrive
ShellExecuteExA
DragQueryFileA
SHGetDataFromIDListW

gdi32

CreatePen
CreateFontIndirectA
Rectangle
GetViewportExtEx
MoveToEx
CreateFontA

comdlg32

PrintDlgA
ReplaceTextW
ReplaceTextA
GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameA
PageSetupDlgW

advapi32

RegQueryMultipleValuesW
CryptHashData
AbortSystemShutdownW
CryptEnumProviderTypesA
RegSaveKeyW
AbortSystemShutdownA
LookupSecurityDescriptorPartsW
LookupAccountNameA
InitiateSystemShutdownA
CryptEnumProviderTypesW
RegQueryValueExW
GetUserNameA
RegSetKeySecurity
CryptVerifySignatureA
LookupAccountSidA

kernel32

TerminateProcess
HeapReAlloc
VirtualAlloc
FoldStringA
InterlockedExchange
GetCurrentProcessId
GetProcAddress
OpenWaitableTimerW
QueryPerformanceCounter
DosDateTimeToFileTime
HeapAlloc
OpenFile
GetSystemTimeAsFileTime
WriteConsoleOutputAttribute
LocalFileTimeToFileTime
WritePrivateProfileStructW
ExitProcess
UnlockFileEx
SetThreadContext
GetCurrentProcess
LoadLibraryA
HeapFree
RtlUnwind
GetShortPathNameA
GetCurrentThreadId
UnmapViewOfFile
GetTickCount
GetModuleFileNameA
WriteProfileStringW
VirtualQuery
ReleaseMutex
GetCurrencyFormatW
FindNextFileA
SetConsoleScreenBufferSize
GetNamedPipeHandleStateW
WaitForSingleObject
GetModuleHandleA

wininet

RetrieveUrlCacheEntryStreamA
SetUrlCacheGroupAttributeW
InternetUnlockRequestFile
FtpGetCurrentDirectoryW
FtpDeleteFileW
InternetFindNextFileW
DeleteUrlCacheGroup
FindNextUrlCacheEntryExA
InternetOpenA
InternetDialA
InternetHangUp
RegisterUrlCacheNotification
FindNextUrlCacheEntryW
GetUrlCacheEntryInfoExA
HttpEndRequestA
RetrieveUrlCacheEntryFileW
FindFirstUrlCacheEntryExW
UnlockUrlCacheEntryFile
GopherCreateLocatorA
SetUrlCacheEntryGroupA
GetUrlCacheConfigInfoW
HttpCheckDavCompliance

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1d9d877eca8a3b97fb9360cfe38bb3d

Headers

File Characteristics

Imports

shell32

gdi32

comdlg32

advapi32

kernel32

wininet

Sections

.text Size: 127KB - Virtual size: 126KB

.data Size: 162KB - Virtual size: 162KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 127KB - Virtual size: 126KB

.data
Size: 162KB - Virtual size: 162KB

.rsrc
Size: 12KB - Virtual size: 12KB