2a148ba64407260a0a38e6d23c52b271

Sharing

Copy URL Twitter E-mail

General

Target

2a148ba64407260a0a38e6d23c52b271
Size

448KB
MD5

2a148ba64407260a0a38e6d23c52b271
SHA1

9d812317b443d5ae4a3510797026815eeb9ad3f4
SHA256

6459f16732248e180c51558aa13a81869436d48d0c194130290c2b528c108e6d
SHA512

70c8c381d3588981d1efa58691157c2d5c630f4bd02646549c891450a13afa3588e30180669f65c80d9ef6fafb4ee118fffa4ffd4ceb49ba06d95c8762a7cdf6
SSDEEP

12288:BW2Tq3xEfGDcQUqW2UcOX5QnzByg6n4lD6xzOl8wPwCy+rKG:B9T8xmGDofH6Vcn4t6ePG+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a148ba64407260a0a38e6d23c52b271

Files

2a148ba64407260a0a38e6d23c52b271
.exe windows:4 windows x86 arch:x86

eb78b0e7f268342e95002a79a6abd119

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetWindowOrgEx
ScaleWindowExtEx
GetNearestColor
PtInRegion
GetWorldTransform
SetEnhMetaFileBits
GetKerningPairs
PathToRegion
GetEnhMetaFileDescriptionA
GetSystemPaletteUse
CreatePen

wininet

FindFirstUrlCacheGroup
CommitUrlCacheEntryW
ResumeSuspendedDownload
FtpDeleteFileA
InternetOpenUrlW
GetUrlCacheGroupAttributeW
InternetOpenUrlA
RetrieveUrlCacheEntryStreamW
InternetCombineUrlA
InternetWriteFileExW
ShowSecurityInfo
InternetDial
GopherGetLocatorTypeW
InternetLockRequestFile
InternetOpenA

advapi32

RegSetValueW
RegOpenKeyExA
CryptReleaseContext
CryptSetProvParam
CryptSetProviderA
CryptImportKey
CryptDuplicateHash
CryptSetProviderExW
RegSetKeySecurity
RegQueryMultipleValuesW

user32

GetClientRect
SystemParametersInfoA
GetDC
IsChild
BeginPaint
PackDDElParam
GetClipboardData
EnumPropsExA
VkKeyScanW
CallMsgFilterW
ScrollWindowEx
CharPrevExA
SetDeskWallpaper
GetPropA
SystemParametersInfoW
GetUserObjectSecurity
GetClipCursor
GrayStringW
DdeDisconnectList
SetWinEventHook
SetThreadDesktop
GetScrollRange
LoadMenuIndirectW
EndMenu
SetTimer

kernel32

VirtualAlloc
GetOEMCP
GetStartupInfoW
InterlockedExchange
GetDateFormatA
SetLastError
GetCPInfo
CloseHandle
QueryPerformanceCounter
VirtualFree
CompareStringW
GetStringTypeExW
GetProcessHeap
lstrcmpW
FreeEnvironmentStringsA
TlsFree
WriteFile
TlsGetValue
GetEnvironmentStrings
GetCommandLineA
EnterCriticalSection
HeapSize
GetCurrentThreadId
GetConsoleMode
GetLocaleInfoW
ExitProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetCurrentThread
HeapCreate
LCMapStringA
IsDebuggerPresent
DeleteCriticalSection
GetStartupInfoA
HeapFree
GetVersionExA
SetConsoleCtrlHandler
LoadLibraryA
GetLocaleInfoA
CompareStringA
HeapAlloc
GetStringTypeA
GetModuleFileNameW
UnhandledExceptionFilter
VirtualQuery
HeapDestroy
GetCurrentProcessId
MultiByteToWideChar
GetACP
GetModuleHandleA
LeaveCriticalSection
IsValidCodePage
lstrlenW
TlsSetValue
FreeEnvironmentStringsW
GetStdHandle
SetThreadContext
HeapReAlloc
GetTickCount
GetUserDefaultLCID
GetCurrentProcess
SetEnvironmentVariableA
GetCommandLineW
LoadResource
TlsAlloc
InterlockedCompareExchange
GetModuleFileNameA
GetTimeFormatA
GetStringTypeW
WideCharToMultiByte
LocalFlags
FindNextFileW
GetProcAddress
IsValidLocale
TerminateProcess
GetFileType
RtlUnwind
InterlockedIncrement
InitializeCriticalSection
GetEnvironmentStringsW
Sleep
FreeLibrary
SetUnhandledExceptionFilter
EnumSystemLocalesA
SetHandleCount
GetLastError
InterlockedDecrement
LCMapStringW

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb78b0e7f268342e95002a79a6abd119

Headers

File Characteristics

Imports

gdi32

wininet

advapi32

user32

kernel32

Sections

.text Size: 156KB - Virtual size: 156KB

.data Size: 280KB - Virtual size: 284KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 156KB - Virtual size: 156KB

.data
Size: 280KB - Virtual size: 284KB

.rsrc
Size: 10KB - Virtual size: 10KB