2819c2ea5ba401ef65cb81f4773a1462

Sharing

Copy URL Twitter E-mail

General

Target

2819c2ea5ba401ef65cb81f4773a1462
Size

244KB
MD5

2819c2ea5ba401ef65cb81f4773a1462
SHA1

39ccefd80a526f0f4aa5e66598e2f285244ad69b
SHA256

8acfaa43735305b57e8bf20fdf0299c90726384eadcc5dca5b7ff05dc38b3c0d
SHA512

2c9f411607164048204b9d8129c97ef0bc4fa1ce1473b029bc29de24618d1c72312d2815ac6a82ee5f0f23e69a0bd9ac4116244fb42e4720ad1b0fb414d56845
SSDEEP

6144:Y6Yut6lAp34a4pzsRndGJcdRHmrDI/8GrZezijd5dX:Brp3YsRYaRSXsWijdb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2819c2ea5ba401ef65cb81f4773a1462

Files

2819c2ea5ba401ef65cb81f4773a1462
.exe windows:4 windows x86 arch:x86

fc7c862ba0d4e97d8e3768d8bdfcfc9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetKerningPairsA
GetPath

user32

MessageBoxIndirectA
GetMenuStringW
InsertMenuW
RegisterClipboardFormatW
ExitWindowsEx
DdeQueryStringW
GetDoubleClickTime
EnumPropsW
ActivateKeyboardLayout
GetKeyNameTextW
SetDlgItemTextW
DdeFreeStringHandle
ChangeMenuA
ReplyMessage
SetUserObjectSecurity

shell32

SHGetFileInfo
SHInvokePrinterCommandA
DragQueryFileAorW
SHEmptyRecycleBinA
DoEnvironmentSubstW
SHGetPathFromIDList

wininet

InternetGetConnectedStateExA
GopherGetLocatorTypeW
DeleteUrlCacheContainerW
HttpSendRequestA
InternetFortezzaCommand

kernel32

GetStringTypeW
GetSystemInfo
GetLocaleInfoW
GetStdHandle
InitializeCriticalSection
GetVersionExA
CompareStringA
LeaveCriticalSection
GetStringTypeA
GetModuleHandleA
GetTickCount
SetLastError
GetLocaleInfoA
GetConsoleCP
GetDateFormatA
WriteFile
GetCommandLineA
SetHandleCount
CopyFileExA
GetProfileStringW
GetUserDefaultLCID
LoadLibraryA
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCurrentThreadId
GlobalAlloc
UnhandledExceptionFilter
GetCurrentProcessId
VirtualProtectEx
VirtualProtect
IsValidCodePage
OpenEventW
GetCurrentProcess
GetCurrentThread
GetConsoleTitleW
RtlUnwind
LockResource
TerminateProcess
HeapAlloc
lstrcatA
EnterCriticalSection
VirtualAlloc
FlushFileBuffers
EnumSystemLocalesA
SetFileAttributesW
HeapSize
IsValidLocale
GetACP
FindResourceExW
GetCPInfo
TlsSetValue
InterlockedExchange
TlsFree
HeapReAlloc
WideCharToMultiByte
VirtualFree
GetSystemTimeAsFileTime
LCMapStringW
VirtualQuery
GetTimeFormatA
FreeEnvironmentStringsA
GetFileAttributesW
GetTempFileNameW
GetDateFormatW
GetTimeZoneInformation
GetComputerNameW
SuspendThread
QueryPerformanceCounter
ExitProcess
LCMapStringA
TlsAlloc
DeleteCriticalSection
HeapFree
GetStartupInfoA
HeapDestroy
TlsGetValue
RemoveDirectoryW
MultiByteToWideChar
EnumDateFormatsExA
SetEnvironmentVariableA
GetOEMCP
GetEnvironmentStrings
GetFileType
CompareStringW
HeapCreate
FileTimeToDosDateTime
IsBadWritePtr
GetModuleFileNameA
GetProcAddress

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc7c862ba0d4e97d8e3768d8bdfcfc9e

Headers

File Characteristics

Imports

gdi32

user32

shell32

wininet

kernel32

Sections

.text Size: 124KB - Virtual size: 123KB

.data Size: 111KB - Virtual size: 137KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 124KB - Virtual size: 123KB

.data
Size: 111KB - Virtual size: 137KB

.rsrc
Size: 8KB - Virtual size: 7KB