2ba83c20113ca2f94a7220add3c9b348

Sharing

Copy URL Twitter E-mail

General

Target

2ba83c20113ca2f94a7220add3c9b348
Size

555KB
MD5

2ba83c20113ca2f94a7220add3c9b348
SHA1

46b793e5a0a00b3ec5cdcf0df735c8eefdb9f0b7
SHA256

9ab41e862e796e6a02dfd7a49d7a1cf08d34263b20af12995e637edd1a7cc251
SHA512

ffee8615dc56cfdbd7facc8a31cfc6b2435372f3f81577b3ebdd7488c3566fc6cda5350582550ac6fe249882675a95151bd923faa074ea2b5fa0203a44ede51a
SSDEEP

12288:THRAygyzMl2JnWhY+VzEFulq1dNKom7MuUsZvPUK18KzVuvx4h:THR1RzMl2dgRE8I1T/aMuUsZvPvWKzVt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba83c20113ca2f94a7220add3c9b348

Files

2ba83c20113ca2f94a7220add3c9b348
.exe windows:4 windows x86 arch:x86

b469a2014d4966109b02c3a3e142e431

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextA
LookupPrivilegeNameW
CryptEnumProviderTypesA
RegQueryInfoKeyW
DuplicateToken
RegCreateKeyExW
RegSetKeySecurity
RegReplaceKeyA
GetUserNameA

user32

RemovePropW
RegisterClassA
RegisterClassExA

comctl32

InitCommonControlsEx

kernel32

CompareStringA
GetFileType
GetModuleHandleA
SetEnvironmentVariableA
LeaveCriticalSection
IsDebuggerPresent
WriteConsoleW
SetFilePointer
ExitProcess
VirtualQuery
GetCPInfo
VirtualAlloc
CloseHandle
WriteConsoleA
GetStdHandle
Sleep
GetLastError
CreateFileA
TlsAlloc
GetCurrentThreadId
HeapReAlloc
GetConsoleMode
GetModuleFileNameW
FreeLibrary
GetDateFormatA
FreeEnvironmentStringsW
TerminateProcess
GetStringTypeW
lstrlenA
RtlUnwind
WideCharToMultiByte
GetLocaleInfoA
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
InterlockedExchange
TlsFree
LoadLibraryA
FlushFileBuffers
TlsSetValue
GetLocaleInfoW
GetCommandLineA
GetStartupInfoA
InterlockedIncrement
EnterCriticalSection
GetCurrentThread
CreateWaitableTimerW
GetModuleHandleW
GetCommandLineW
GetTimeFormatA
GetTimeZoneInformation
LCMapStringA
EnumSystemLocalesA
SetUnhandledExceptionFilter
GetModuleFileNameA
GetSystemTimeAsFileTime
GetConsoleCP
HeapSize
GetUserDefaultLCID
LCMapStringW
WriteFile
DeleteCriticalSection
OpenMutexA
GetCurrentProcessId
GetStartupInfoW
VirtualFree
SetHandleCount
HeapDestroy
GetStringTypeA
TlsGetValue
GetTickCount
GetEnvironmentStringsW
IsValidLocale
HeapFree
SetConsoleCtrlHandler
InterlockedDecrement
CreateMutexA
QueryPerformanceCounter
MultiByteToWideChar
GetConsoleOutputCP
UnhandledExceptionFilter
HeapAlloc
IsValidCodePage
GetOEMCP
GetDiskFreeSpaceA
CompareStringW
SetLastError
ReadFile
HeapCreate
GetProcAddress
GetACP

Sections

.text
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b469a2014d4966109b02c3a3e142e431

Headers

File Characteristics

Imports

advapi32

user32

comctl32

kernel32

Sections

.text Size: 213KB - Virtual size: 212KB

.rdata Size: 9KB - Virtual size: 29KB

.data Size: 316KB - Virtual size: 316KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 213KB - Virtual size: 212KB

.rdata
Size: 9KB - Virtual size: 29KB

.data
Size: 316KB - Virtual size: 316KB

.rsrc
Size: 15KB - Virtual size: 14KB