2a454935eb9b38372c31e95e31c60d7b

Sharing

Copy URL Twitter E-mail

General

Target

2a454935eb9b38372c31e95e31c60d7b
Size

365KB
MD5

2a454935eb9b38372c31e95e31c60d7b
SHA1

6b7979468fac300960c8bfc099a4440c2ceba709
SHA256

f5dd84b8697dc18dce9292e4121cbac1a7cd6918cdb47f74e8eec297eb57d50b
SHA512

6b5d42b54bd8d8fd9b869375ab224b4f998d68ed40a9b66234bcc3da3883d98c5d0981e93daad654cd234a9121a900d571705ae2155529d3b0a3b5acc54eba2b
SSDEEP

6144:BSPmufn3xyuNk9LFu0JQlaD9nxaSss1DGu4ucO5/1l9UY9tOq8kzPLcT1:BENIRu0OlaDOFS6ud5ND90qZQ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a454935eb9b38372c31e95e31c60d7b

Files

2a454935eb9b38372c31e95e31c60d7b
.exe windows:4 windows x86 arch:x86

598f022af5296d7f9ee11110fde78deb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
RegisterClassA
ImpersonateDdeClientWindow
ModifyMenuA

shell32

ExtractAssociatedIconExW
DragQueryPoint
SHGetFileInfo

comdlg32

GetFileTitleA
PageSetupDlgW
LoadAlterBitmap

comctl32

InitCommonControlsEx

wininet

DeleteUrlCacheContainerW

advapi32

CryptDestroyKey
InitializeSecurityDescriptor
CryptSetHashParam
CryptDuplicateHash
RegSetValueExA
AbortSystemShutdownW
LookupPrivilegeDisplayNameW
RegOpenKeyExW
CryptGetDefaultProviderA
CryptGenKey
RegSaveKeyW
RegFlushKey
CryptReleaseContext
RegNotifyChangeKeyValue
RegEnumKeyA
CryptContextAddRef

kernel32

SetStdHandle
HeapSize
GetCurrentDirectoryA
GetCurrentThread
VirtualFree
InterlockedIncrement
CreateFileA
GetCurrentProcessId
GetFileType
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
ReadFile
GetConsoleMode
CreateMutexA
GetStringTypeA
IsValidLocale
GetDateFormatA
GetStdHandle
WriteFile
SetFilePointer
GetModuleHandleA
FreeLibrary
FreeEnvironmentStringsW
CreateEventW
HeapFree
CompareStringA
GetCurrencyFormatA
InterlockedExchange
GetSystemDirectoryA
EnumSystemLocalesA
GetConsoleOutputCP
WriteConsoleW
GetCommandLineW
MultiByteToWideChar
GetStartupInfoW
GetCommandLineA
GetCurrentProcess
VirtualAlloc
HeapReAlloc
GetUserDefaultLCID
OpenMutexA
GetProcAddress
TlsFree
IsDebuggerPresent
LoadLibraryA
TlsGetValue
GetTimeFormatA
EnterCriticalSection
GetCurrentThreadId
Sleep
GetModuleFileNameA
SetEnvironmentVariableA
DeleteCriticalSection
LCMapStringW
QueryPerformanceCounter
GetOEMCP
CloseHandle
GetModuleHandleW
CompareStringW
SetHandleCount
SetConsoleCtrlHandler
SetLastError
GetConsoleTitleA
HeapDestroy
GetEnvironmentStringsW
WriteConsoleA
TlsSetValue
FlushFileBuffers
UnhandledExceptionFilter
GetStringTypeW
LoadLibraryW
GetModuleFileNameW
GetLastError
GetACP
VirtualQuery
InterlockedDecrement
TerminateProcess
GlobalDeleteAtom
WideCharToMultiByte
GetCPInfo
GetSystemTimeAsFileTime
HeapCreate
GetStartupInfoA
HeapAlloc
SetUnhandledExceptionFilter
GetTickCount
ExitProcess
GetLocaleInfoA
LCMapStringA
LeaveCriticalSection
GetConsoleCP
RtlUnwind
GetTimeZoneInformation
TlsAlloc

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

598f022af5296d7f9ee11110fde78deb

Headers

File Characteristics

Imports

user32

shell32

comdlg32

comctl32

wininet

advapi32

kernel32

Sections

.text Size: 142KB - Virtual size: 142KB

.rdata Size: 10KB - Virtual size: 23KB

.data Size: 208KB - Virtual size: 207KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 142KB - Virtual size: 142KB

.rdata
Size: 10KB - Virtual size: 23KB

.data
Size: 208KB - Virtual size: 207KB

.rsrc
Size: 4KB - Virtual size: 3KB