22a0d03004ce9192ccac0a5376c88f95

General

Target

22a0d03004ce9192ccac0a5376c88f95
Size

28KB
MD5

22a0d03004ce9192ccac0a5376c88f95
SHA1

63a6108932ee27dab26b62dcdd96908a26983d73
SHA256

d02cddc3ab9442d4b5f9dc6238b6b64003fe22d6f6d4c60f3f04462b5b0da887
SHA512

7ca78e5ac1bdb9572e27de8f9b3b99194a4470c05102ede582291aff12ecf7278d49c2b641a91735a6b9d409bb6fd007070ed057c44710dfa06f93a183d3a780
SSDEEP

768:2JF6G7mgAzcqYqMpSunLlzHeHa5H5J46Wo8cnLj:2j6edA4zRYZ6Wo8cn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22a0d03004ce9192ccac0a5376c88f95

Files

22a0d03004ce9192ccac0a5376c88f95
.exe windows:4 windows x86 arch:x86

be8454e5b5d6a0b5061f5bc6957d9788

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
CopyFileA
GetModuleFileNameA
CloseHandle
WriteFile
CreateFileA
SetFileAttributesA
GetLastError
GetProcAddress
GetModuleHandleA
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
ReadProcessMemory
GetWindowsDirectoryA
DeleteFileA
TerminateProcess
Module32First
ExitProcess
GetTempPathA
CreateThread
lstrcmpiA
WaitForSingleObject
CreateProcessA
GetLocaleInfoA
GetVersionExA
LoadLibraryA
ExpandEnvironmentStringsA
GetCurrentProcess
ReleaseMutex
CreateMutexA
TerminateThread
GetFileAttributesA
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
GetStartupInfoA
Sleep
Module32Next
ExitThread

user32

EmptyClipboard
SetClipboardData
FindWindowExA
SendMessageA
IsWindow
FindWindowA
OpenClipboard
VkKeyScanA
ShowWindow
SetFocus
SetForegroundWindow
keybd_event
BlockInput
SwitchToThisWindow
GetWindowTextA
CloseClipboard
GetMenu

msvcrt

_CxxThrowException
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
strncpy
strlen
strcpy
memcpy
sprintf
memset
strcat
srand
strstr
strcmp
_except_handler3
rand
strchr
free
malloc
_vsnprintf
??2@YAPAXI@Z
_snprintf
strtok
memcmp
atoi
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
??1type_info@@UAE@XZ

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantClear
SysAllocString
VariantInit

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

be8454e5b5d6a0b5061f5bc6957d9788

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

ole32

oleaut32

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 276KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 276KB