21af34e1092d3d761776f3f25ca3f5ab

Sharing

Copy URL Twitter E-mail

General

Target

21af34e1092d3d761776f3f25ca3f5ab
Size

86KB
MD5

21af34e1092d3d761776f3f25ca3f5ab
SHA1

a6a2740936570ed5fd9f326d40d7220029584e28
SHA256

7d7f90e4aface9d778bae79e21ac07252799a1096dae1f4a1d78500ad52d204e
SHA512

12901cab86f7be32bc9827d1dd1cdca07d2f48a1f5eab7c16e3e3c9f500490bbe71b0bb432790ef57ec95b7f725de1ef2fe173818e1621572b0b1325abfe6550
SSDEEP

1536:0lHWmyb/oODHA+2T2okLQLd37m3bR+U+XoWgaRJVMSFbb5aImocqFwJY50xwwbw:cdyb/oODHA+Zo2oS3bR+XmSFbb5aMcq9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21af34e1092d3d761776f3f25ca3f5ab

Files

21af34e1092d3d761776f3f25ca3f5ab
.exe windows:1 windows x86 arch:x86

af1b677fffcef1007873835f9c3cfc60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetLocalTime
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetVersion
WinExec
GetCommandLineA
GetLastError
GetTimeZoneInformation
WideCharToMultiByte
GetProcAddress
MultiByteToWideChar
SetEnvironmentVariableA
GetCurrentThreadId
lstrlenA
GetEnvironmentStrings
GetStartupInfoA
GetModuleHandleA
GetFileType
VirtualFree
GetPrivateProfileStringA
VirtualAlloc

user32

MessageBoxA
wsprintfA
GetSystemMetrics
ShowWindow
SetActiveWindow
GetDC

winmm

sndPlaySoundA
waveOutGetNumDevs

gdi32

GetDeviceCaps

tl221mn

ord250
ord231
ord232
ord226
ord57
ord176
ord69
ord240
ord246
ord174
ord130
ord167
ord227
ord140
ord173
ord184
ord133
ord241
ord156
ord158
ord243
ord138
ord233
ord148
ord225
ord136
ord236
ord125
ord127
ord134
ord129
ord180
ord137

sv221mn

ord1499
ord1885
ord1823
ord1274
ord1843
ord2089
ord2087
ord1252
ord2088
ord2085
ord1822
ord39
ord35
ord37
ord1040
ord1039
ord1026
ord2115
ord1850
ord1672
ord1776
ord2118
ord1849
ord2121
ord1666
ord2116
ord93
ord79
ord1663
ord2015
ord2024
ord78
ord1022
ord1025
ord1862
ord1029
ord1053
ord1048
ord2259
ord1909
ord1905
ord1871
ord1831
ord1876
ord1868
ord1877
ord1840
ord101
ord1621
ord82
ord1526
ord1359
ord1364
ord1587
ord1887
ord1855
ord1969
ord1864
ord1837
ord1863
ord1866
ord1865
ord1867
ord1961
ord2297
ord2282
ord2140
ord1971
ord1884
ord1396
ord1870
ord54
ord46
ord2125
ord2131
ord2303
ord2127
ord2278
ord2244
ord2136
ord2296
ord1956
ord1826
ord1832
ord2175
ord1970
ord2120
ord2117
ord2248
ord2305
ord2319
ord2176
ord2261
ord2312
ord2165
ord2272
ord2166
ord1355
ord1381
ord1379
ord1375
ord1373
ord1395
ord1374
ord1394
ord1391
ord1577
ord1649
ord1915
ord1704
ord2045
ord1028
ord1844
ord1928
ord1927
ord1273
ord1461
ord56
ord1773
ord1838
ord1417
ord1354
ord1706
ord1700
ord1523
ord1533
ord1506
ord1491
ord1474
ord1513
ord1353
ord1845
ord1908
ord1658
ord1646
ord1783
ord1057
ord1642
ord1627
ord99
ord1620
ord76
ord102
ord1622
ord92
ord1660
ord1492
ord1504
ord1581
ord2111
ord1701
ord1579
ord1578
ord1586
ord1505
ord1930
ord1917
ord1775
ord1851
ord1457
ord2109
ord1623
ord1427
ord1986
ord1999
ord1983
ord1912
ord1817
ord1872
ord1624
ord90
ord1699
ord2264
ord2254
ord1841
ord2134
ord2029
ord2028
ord2039
ord2018
ord2034
ord2027

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af1b677fffcef1007873835f9c3cfc60

Headers

File Characteristics

Imports

kernel32

user32

winmm

gdi32

tl221mn

sv221mn

advapi32

Sections

.text Size: 63KB - Virtual size: 62KB

.bss Size: - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 5KB

.idata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 52B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 3KB - Virtual size: 14KB

.text
Size: 63KB - Virtual size: 62KB

.bss
Size: - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 5KB

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 52B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 3KB - Virtual size: 14KB