21aa9d7f36cf0ba49dfa150d95feebb4

Sharing

Copy URL Twitter E-mail

General

Target

21aa9d7f36cf0ba49dfa150d95feebb4
Size

570KB
MD5

21aa9d7f36cf0ba49dfa150d95feebb4
SHA1

34c8999a1588cbb25a8d0b823c0c7a487c42de55
SHA256

12855bcd610e4d71b91af54c1ee30ed2252c83f90989e3ebf36b18920c63efa2
SHA512

e9baf7e957d992eef55c0424707f9bc8a6bb32d99b5dcdb595ce40857549a86d7558e68d79ae1606c327f6b6781c2fb79f7b1553550b75b674ab3ad4aaa49fcd
SSDEEP

12288:ogXzY0Twd2Je9emCsFKiOINeZI9+TAZWKG39GhbJjL/22AgayYr:ogX1Tde9edsFLtQZkVQ1khb9L5D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21aa9d7f36cf0ba49dfa150d95feebb4

Files

21aa9d7f36cf0ba49dfa150d95feebb4
.exe windows:4 windows x86 arch:x86

542cae6b75b55edb9a6c992beb0252be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconEx
SHGetFileInfoW
SHInvokePrinterCommandW
ShellExecuteExW

advapi32

CryptHashData
RevertToSelf
RegRestoreKeyW
CryptSetKeyParam
RegCreateKeyA

comctl32

ImageList_SetFilter
CreateUpDownControl
ImageList_SetIconSize
ImageList_DragLeave
ImageList_AddIcon
ImageList_SetOverlayImage
ImageList_GetImageCount
InitMUILanguage
_TrackMouseEvent
ImageList_AddMasked
CreateStatusWindow
CreatePropertySheetPageW
ImageList_Draw
InitCommonControlsEx
DrawStatusText

comdlg32

LoadAlterBitmap
ReplaceTextW
ChooseFontW

user32

RegisterClassExA
RemovePropW
GetSystemMenu
MessageBoxA
EndPaint
CharUpperBuffW
GetWindowLongW
GetOpenClipboardWindow
AnimateWindow
OpenInputDesktop
CharToOemBuffW
CreateWindowExW
CreateDialogIndirectParamA
MapDialogRect
DestroyWindow
GetWindowLongA
SetWindowWord
ShowWindow
GetScrollInfo
SetRectEmpty
DefFrameProcW
DdeAbandonTransaction
SetMenuItemBitmaps
SendIMEMessageExA
GetDlgItemTextA
GetGuiResources
DrawTextW
DdeFreeStringHandle
FillRect
CopyAcceleratorTableA
ChangeDisplaySettingsW
InsertMenuW
GetTitleBarInfo
LoadCursorA
GetCaretPos
GetMenuItemID
EnumDisplaySettingsW
SetWindowsHookW
DrawIcon
ChangeDisplaySettingsExW
DrawTextExW
SetRect
ChangeClipboardChain
DefWindowProcA
RealGetWindowClass
CharUpperW
DdeFreeDataHandle
DdeCreateStringHandleA
GetWindowInfo
AnyPopup
FreeDDElParam
SetThreadDesktop
MessageBoxIndirectA
RegisterClassA
GetClipboardFormatNameA

kernel32

SetConsoleOutputCP
GetUserDefaultLangID
GetFileType
GetProcAddress
PulseEvent
HeapCreate
LoadLibraryA
HeapDestroy
QueryPerformanceCounter
IsBadWritePtr
GetStdHandle
EnumTimeFormatsA
VirtualProtectEx
InterlockedExchange
GetProcessAffinityMask
OpenWaitableTimerW
ReadConsoleOutputCharacterA
GetShortPathNameW
TransactNamedPipe
ExitProcess
SleepEx
DeleteCriticalSection
DeleteFiber
ReleaseSemaphore
GetCurrentProcessId
GetFullPathNameA
GetTimeFormatA
CreateMutexA
GetWindowsDirectoryW
TlsGetValue
GetFileTime
GlobalReAlloc
FormatMessageW
VirtualAlloc
GlobalSize
GetStringTypeW
FindAtomA
LCMapStringA
LCMapStringW
GetDiskFreeSpaceA
GetLongPathNameW
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetSystemDefaultLangID
GetCurrentProcess
ReadFileEx
RtlUnwind
FreeEnvironmentStringsA
ReleaseMutex
GetNamedPipeInfo
SetFilePointer
SetThreadPriority
SetStdHandle
GetCurrentThread
EnterCriticalSection
VirtualLock
MultiByteToWideChar
CreateFileMappingA
FreeEnvironmentStringsW
GetVersion
IsBadReadPtr
GetSystemTime
GetThreadPriorityBoost
TerminateProcess
DeleteFileW
FlushFileBuffers
VirtualQuery
SetEnvironmentVariableA
GetEnvironmentStrings
InitializeCriticalSection
OpenEventW
GetTimeZoneInformation
OpenMutexA
OutputDebugStringA
GetFullPathNameW
EnumCalendarInfoExW
CompareStringA
CreateWaitableTimerA
LeaveCriticalSection
TlsSetValue
GetModuleFileNameA
GetThreadTimes
GetEnvironmentStringsW
GetTickCount
GetFileAttributesExW
SetLastError
VirtualFree
WriteFile
GetLastError
CreateSemaphoreW
GetCommandLineW
GetProcAddress
GetStartupInfoA
lstrlenA
GetNamedPipeHandleStateA
SetCriticalSectionSpinCount
InterlockedIncrement
WriteProfileStringW
ReadFile
OpenProcess
HeapFree
GetConsoleCursorInfo
GetCPInfo
GetStringTypeA
CompareStringW
CreateToolhelp32Snapshot
GetLocaleInfoW
GetPrivateProfileStringA
SetHandleCount
TlsAlloc
WideCharToMultiByte
TlsFree
GetCurrentThreadId
GetCommandLineA
GetDiskFreeSpaceExW
CloseHandle
EnumResourceTypesA
GetStartupInfoW
GetLocalTime
GetLocaleInfoA
HeapReAlloc
TerminateThread
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
HeapAlloc
SetConsoleCursorPosition

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

542cae6b75b55edb9a6c992beb0252be

Headers

File Characteristics

Imports

shell32

advapi32

comctl32

comdlg32

user32

kernel32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 249KB - Virtual size: 248KB

.data Size: 111KB - Virtual size: 137KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 249KB - Virtual size: 248KB

.data
Size: 111KB - Virtual size: 137KB

.rsrc
Size: 36KB - Virtual size: 35KB