1a2cfeaa4ee536901fa9c2538721bacc

Sharing

Copy URL Twitter E-mail

General

Target

1a2cfeaa4ee536901fa9c2538721bacc
Size

59KB
MD5

1a2cfeaa4ee536901fa9c2538721bacc
SHA1

7f4911fa3391887164f32773b7e3a36d33fc436d
SHA256

75cb2e92cc7b3c31ab0c7b428eb2240dcedd9b314d1b84895f9fdbace7997245
SHA512

6ee9f51a05b2105090525a4a21826a436c4fa3ee459122e4f567fdae7f77eb73ec1ef1c9938cee379f24c4ab55f9c706eb957ae9c1925ffcfb79040b073e7f72
SSDEEP

1536:EzGokj9gnGjMhJo9S+TVdeG3hUnZa5N1hzoAo5eDc:EaPjiQMhJU/TVdxRUUFhMb5eDc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a2cfeaa4ee536901fa9c2538721bacc

Files

1a2cfeaa4ee536901fa9c2538721bacc
.exe windows:4 windows x86 arch:x86

fd3921bfe4544e0bed077d9bd4a05fda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegUnLoadKeyA
EnumDependentServicesA
CryptSetKeyParam
CopySid
GetExplicitEntriesFromAclA
CryptDestroyHash
GetNumberOfEventLogRecords
SetServiceStatus
DeregisterEventSource
RegOpenKeyA
ControlService
RegDeleteValueA
CryptSignHashA
AccessCheck
RevertToSelf
FindFirstFreeAce
CryptContextAddRef
QueryServiceObjectSecurity
SetEntriesInAuditListA
OpenEventLogA
InitializeAcl
ChangeServiceConfigA
AllocateAndInitializeSid
CryptGenKey
CryptHashSessionKey
CryptEncrypt
PrivilegeCheck
AddAce
ObjectDeleteAuditAlarmA
GetServiceDisplayNameA
BuildSecurityDescriptorA
GetTrusteeTypeA
GetSecurityDescriptorOwner
RegQueryValueA
GetMultipleTrusteeA

user32

GetProcessDefaultLayout
DdeUnaccessData
SwitchToThisWindow
GetSystemMenu
DdeQueryStringA
SetSysColors
RegisterDeviceNotificationA
SetWindowRgn
GetDC
SetMenuDefaultItem
GetClipboardFormatNameA
GetMenuItemCount
RedrawWindow
FreeDDElParam
ChildWindowFromPointEx
VkKeyScanA
CharToOemBuffA
TileWindows
LookupIconIdFromDirectory
DdeEnableCallback
GetShellWindow
DrawCaption
MsgWaitForMultipleObjects
GetMenuState
GetDoubleClickTime
SetDoubleClickTime
ExcludeUpdateRgn
DrawMenuBar
SendIMEMessageExA
IsWindowUnicode
DestroyMenu
GetMessagePos
CreateAcceleratorTableA
GetWindowWord
FindWindowExA
GetDlgCtrlID
OpenDesktopA
wvsprintfA
LoadAcceleratorsA
GetComboBoxInfo
TranslateAccelerator
PackDDElParam
PostQuitMessage
CreateWindowExA
SetScrollInfo
EnumClipboardFormats
DdeGetLastError
GetWindowRect
SetKeyboardState
GetKeyboardLayoutList
GetNextDlgTabItem
ScrollDC
InSendMessage
EnableScrollBar
EnumDisplayMonitors

kernel32

VirtualAlloc

Sections

.qpoh
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xmt
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ilk
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.stkx
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd3921bfe4544e0bed077d9bd4a05fda

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.qpoh Size: 22KB - Virtual size: 45KB

.xmt Size: 5KB - Virtual size: 10KB

.ilk Size: 1024B - Virtual size: 1KB

.stkx Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.qpoh
Size: 22KB - Virtual size: 45KB

.xmt
Size: 5KB - Virtual size: 10KB

.ilk
Size: 1024B - Virtual size: 1KB

.stkx
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB