2a1b9515b904d05cd9e295458f118d66

General

Target

2a1b9515b904d05cd9e295458f118d66
Size

105KB
MD5

2a1b9515b904d05cd9e295458f118d66
SHA1

ddac8ce41060705a02396fbd7803d72f87dc83c5
SHA256

738a3ea384b8b4e6c5cfbe2d43592f65f469d0846b89db96043863062d3cf929
SHA512

99610057758443697eb2994c351247ae1c0e8ff39cd9c1edf5abccf0967f78cc308f12575935382f4fcb8fd9d512a988802db6ee2517faf3093c5581074b3e23
SSDEEP

1536:J1x1f81u9mjOcuNSC+ND0iQHbTyqVL1t9NcHbP8T1s9pCr29KoEcBQ:J1x1EMcuygL3bHOCr29Koy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a1b9515b904d05cd9e295458f118d66

Files

2a1b9515b904d05cd9e295458f118d66
.exe windows:4 windows x86 arch:x86

ab8e57cce1b952e989e8c00af6271bf2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
CopyFileA
DeleteFileA
lstrcmpA
Sleep
GetCurrentDirectoryA
lstrcatA
GetWindowsDirectoryA
GetModuleFileNameA
LocalAlloc
LocalFree
WideCharToMultiByte
InterlockedDecrement
Process32First
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetEndOfFile
ReadFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
CreateFileA
SetStdHandle
SetUnhandledExceptionFilter
lstrlenA
CloseHandle
Process32Next
FlushFileBuffers
SetFilePointer
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
MultiByteToWideChar
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetProcAddress
WriteFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings

user32

DefWindowProcA
LoadIconA
LoadCursorA
MessageBoxA
CreateWindowExA
SendMessageA
UpdateWindow
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
GetWindowTextA
ShowWindow
RegisterClassA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

ole32

CoInitialize
OleRun
CoCreateInstance

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString
GetErrorInfo

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab8e57cce1b952e989e8c00af6271bf2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 95KB - Virtual size: 95KB

.data Size: 8KB - Virtual size: 15KB

.text
Size: 95KB - Virtual size: 95KB

.data
Size: 8KB - Virtual size: 15KB