2a040edf8fec7949b092bf22b445246a

Sharing

Copy URL Twitter E-mail

General

Target

2a040edf8fec7949b092bf22b445246a
Size

406KB
MD5

2a040edf8fec7949b092bf22b445246a
SHA1

7177f86bb525b7deb95bb39e9d0ac2498f789c23
SHA256

0fbe85b4ee9636333276056b371d1029464eac3f9d7a5357bef630bab2c2ecd5
SHA512

2cdca2c95a1bfcda7620baa1979c0e2c8df0b706fc31edc54d1694507cea3ef42fa4ed2326e9ad7978e75fa2130126428e3136f798397e57446f08fcd3454427
SSDEEP

6144:PCbCg5ldx6Fp0AZ7iLoWn1TajBeFV36AbH048DR4sct5IMG3HHRC6oxwiVNmQV33:Kv41UX5gBNA0DPT3WwGNW3RS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a040edf8fec7949b092bf22b445246a

Files

2a040edf8fec7949b092bf22b445246a
.exe windows:4 windows x86 arch:x86

5a8ca56d45f012fd41309e822d49486c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FreeUrlCacheSpaceA
CommitUrlCacheEntryW
InternetConfirmZoneCrossing
FindNextUrlCacheContainerW
InternetSetOptionExW

user32

TranslateMDISysAccel
RegisterDeviceNotificationW
RegisterClassA
RegisterClassExA
IsCharUpperA

comctl32

InitCommonControlsEx

comdlg32

LoadAlterBitmap
ChooseColorW

kernel32

CompareStringA
ReadFile
GetProcessHeap
GetOEMCP
TlsAlloc
GetConsoleScreenBufferInfo
WideCharToMultiByte
GetStringTypeA
FindResourceExA
LeaveCriticalSection
LoadLibraryA
GetConsoleCP
lstrcpynW
EnterCriticalSection
GetDiskFreeSpaceExW
GetFileType
ExitProcess
CompareStringW
CreateFileA
WriteFile
GetTimeZoneInformation
HeapFree
InterlockedDecrement
RtlUnwind
TlsSetValue
GetStartupInfoA
GetModuleFileNameA
OpenMutexA
VirtualQuery
UnhandledExceptionFilter
InitializeCriticalSection
TlsFree
GetLastError
IsValidCodePage
InterlockedExchange
SetStdHandle
SetUnhandledExceptionFilter
GetStartupInfoW
GetSystemTimeAsFileTime
InterlockedIncrement
SetFilePointer
GetTimeFormatA
VirtualFree
HeapCreate
GetCurrentThread
HeapDestroy
GetProcAddress
GetACP
CreateMutexA
SetConsoleCtrlHandler
GetCurrentThreadId
GetStdHandle
GetCurrentProcess
FreeEnvironmentStringsA
TlsGetValue
SetHandleCount
GetEnvironmentStringsW
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
EnumResourceTypesW
Sleep
HeapReAlloc
FreeLibrary
GetStringTypeW
LCMapStringA
TerminateProcess
MultiByteToWideChar
LoadModule
GetCommandLineW
GetDateFormatA
IsDebuggerPresent
GetTickCount
DeleteCriticalSection
QueryPerformanceCounter
SetLastError
HeapAlloc
VirtualAlloc
GlobalUnfix
WaitForSingleObjectEx
GetModuleFileNameW
GetEnvironmentStrings
GetCommandLineA
SetEndOfFile
HeapSize
LCMapStringW
GetLocaleInfoW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetCurrentProcessId
WriteConsoleW
GetModuleHandleA
CloseHandle
FlushFileBuffers
EnumSystemLocalesA
GetConsoleMode
IsValidLocale
GetVersionExA

shell32

FindExecutableW
SHFreeNameMappings

advapi32

CryptEnumProvidersA
RegEnumValueW

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a8ca56d45f012fd41309e822d49486c

Headers

File Characteristics

Imports

wininet

user32

comctl32

comdlg32

kernel32

shell32

advapi32

Sections

.text Size: 183KB - Virtual size: 183KB

.rdata Size: 10KB - Virtual size: 29KB

.data Size: 211KB - Virtual size: 210KB

.rsrc Size: 512B - Virtual size: 148B

.text
Size: 183KB - Virtual size: 183KB

.rdata
Size: 10KB - Virtual size: 29KB

.data
Size: 211KB - Virtual size: 210KB

.rsrc
Size: 512B - Virtual size: 148B