1aa40ef2385657d06711c3ac9fe064ce

Sharing

Copy URL Twitter E-mail

General

Target

1aa40ef2385657d06711c3ac9fe064ce
Size

132KB
MD5

1aa40ef2385657d06711c3ac9fe064ce
SHA1

360274ae99df2e2dd58175c46dd270da9f860729
SHA256

3a456c135deb461e6251f3e5389d0ac0c4f6d2273ccf8e07b52ec62cd099e18b
SHA512

096ecdc3c1c0451ebbd65bd490c4b6f235ac57a94fbd5af8d952ba78d92b36b0e32d7e0bc097cbc277263141889307eb5a4806bfbce8fa9c4f819377a332a1f1
SSDEEP

3072:W4rd4KHR+uczBOgEJ0rrzFBX3IFTWJR0t3wgW:9rd4KHR+uczBOgEM73iWJCw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aa40ef2385657d06711c3ac9fe064ce

Files

1aa40ef2385657d06711c3ac9fe064ce
.exe windows:1 windows x86 arch:x86

2014ce8e9363ebebcd1bd3dec29972fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetLocalTime
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetVersion
WinExec
GetCommandLineA
GetLastError
GetTimeZoneInformation
WideCharToMultiByte
GetProcAddress
MultiByteToWideChar
SetEnvironmentVariableA
GetCurrentThreadId
lstrlenA
GetEnvironmentStrings
GetStartupInfoA
GetModuleHandleA
GetFileType
VirtualFree
GetPrivateProfileStringA
VirtualAlloc

user32

ShowWindow
GetDC
MessageBoxA
wsprintfA
SetActiveWindow
GetSystemMetrics

winmm

waveOutGetNumDevs
sndPlaySoundA

gdi32

GetDeviceCaps

tl221mn

ord138
ord69
ord232
ord146
ord127
ord174
ord240
ord176
ord243
ord233
ord140
ord133
ord167
ord184
ord241
ord173
ord156
ord227
ord225
ord236
ord250
ord226
ord231
ord131
ord180
ord130
ord158
ord129
ord148
ord134
ord125
ord136
ord137

sv221mn

ord1649
ord1461
ord56
ord1844
ord1273
ord1928
ord1391
ord1394
ord1274
ord1395
ord1373
ord1374
ord1379
ord1381
ord1375
ord2136
ord2125
ord1355
ord121
ord2166
ord81
ord1887
ord1587
ord2176
ord1806
ord2297
ord1810
ord35
ord39
ord1040
ord1039
ord1026
ord2115
ord1850
ord1672
ord2118
ord2116
ord1849
ord1961
ord2140
ord101
ord1701
ord1971
ord1884
ord2204
ord2282
ord1845
ord1986
ord1999
ord1983
ord1969
ord1909
ord1871
ord1831
ord1876
ord1864
ord1837
ord1868
ord1877
ord1870
ord1863
ord1866
ord1865
ord1867
ord1840
ord1775
ord1646
ord1773
ord1706
ord105
ord82
ord54
ord46
ord1700
ord85
ord2134
ord2131
ord1956
ord1855
ord1658
ord1627
ord99
ord1619
ord76
ord102
ord1622
ord93
ord1621
ord1660
ord2278
ord2200
ord1783
ord1776
ord1838
ord1699
ord1620
ord1854
ord2120
ord2117
ord37
ord1843
ord2261
ord1862
ord1905
ord1577
ord1915
ord1823
ord1623
ord1427
ord1927
ord1885
ord1252
ord90
ord1417
ord1354
ord1523
ord1526
ord1533
ord1506
ord1491
ord1474
ord1513
ord1359
ord1364
ord1353
ord1908
ord1057
ord1642
ord1055
ord92
ord1492
ord1504
ord1581
ord2111
ord1579
ord1578
ord1586
ord1505
ord1499
ord1930
ord1917
ord1851
ord1457
ord2109
ord2018
ord2039
ord1624
ord2121
ord2244
ord2296
ord2264
ord2254
ord2175
ord1841
ord1826
ord1832
ord2165
ord2272
ord2127
ord2029
ord2028
ord1666
ord1048
ord2034
ord2027
ord2045
ord2259
ord1028
ord1053
ord1029
ord2015
ord1025
ord1022
ord2024
ord1970
ord1663

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2014ce8e9363ebebcd1bd3dec29972fc

Headers

File Characteristics

Imports

kernel32

user32

winmm

gdi32

tl221mn

sv221mn

advapi32

Sections

.text Size: 68KB - Virtual size: 68KB

.bss Size: - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 57B

.rsrc Size: 11KB - Virtual size: 11KB

.reloc Size: 41KB - Virtual size: 63KB

.text
Size: 68KB - Virtual size: 68KB

.bss
Size: - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 57B

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 41KB - Virtual size: 63KB