2a517d910f0cc3e60ecb6ef8467aba1d

Sharing

Copy URL Twitter E-mail

General

Target

2a517d910f0cc3e60ecb6ef8467aba1d
Size

67KB
MD5

2a517d910f0cc3e60ecb6ef8467aba1d
SHA1

5adffacc61355efa7891e6347792a88b1a981750
SHA256

951c1391ffd5fc753ca6916aa7bd36c2c09fdf6d366ac47a989d70258a316fed
SHA512

28008f8a44b8b69fe91dbe7eff4683433174c34bf4dc873838ea3d75ae94adbbbdde866b3a45f250beb7e909be843e582600293a197b5aafad135c5d2017aa84
SSDEEP

1536:nanFgFBB3FLSH2tXw87kx3wmglSPGRWdfPv9LaFzfG:6GBAH2tg87y3RgKvpo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a517d910f0cc3e60ecb6ef8467aba1d

Files

2a517d910f0cc3e60ecb6ef8467aba1d
.exe windows:4 windows x86 arch:x86

09855346514b64bf1d5ed9ecbf371d6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcW
EqualRect
EnableMenuItem
CreatePopupMenu
MoveWindow
DestroyWindow
IsWindow
SetWindowRgn
SetPropW
DestroyMenu
DestroyIcon
GetDlgItem
GetDC
TrackPopupMenu
GetPropA
GetWindowTextLengthW
RedrawWindow
TranslateMessage
SendDlgItemMessageW
GetWindow
CharNextA
PtInRect
SetWindowTextA
GetKeyState

advapi32

QueryServiceStatus
RegDeleteKeyW
RegDeleteKeyA
RegEnumKeyExW
RegOpenKeyW
RegCreateKeyExW
OpenThreadToken
RegQueryValueExW

kernel32

FindClose
SetLastError
QueryPerformanceFrequency
LoadLibraryA
DeleteFileA
DeleteCriticalSection
EnumSystemLocalesA
WriteFile
VirtualAlloc
OutputDebugStringW
InterlockedDecrement
GetEnvironmentStringsW
Sleep
SetUnhandledExceptionFilter
SetHandleCount
FindNextFileW
LoadResource
GetModuleHandleA
FileTimeToSystemTime
InterlockedIncrement
GetOEMCP
GetCommandLineA
GetProcAddress
GetLastError
ExitProcess
TerminateProcess
CloseHandle
InterlockedExchange
FileTimeToLocalFileTime
GetStringTypeW
lstrcpyA
GetStartupInfoA
InitializeCriticalSection
GetCurrentThreadId
LeaveCriticalSection
SizeofResource
LCMapStringA
SetConsoleCP
GetSystemTimeAsFileTime
IsValidCodePage
GlobalFree
GetFileType
EnterCriticalSection
GetCurrentProcessId
LockResource
GetModuleFileNameA
GetSystemDefaultLCID
SetEvent
HeapAlloc
GetACP
UnhandledExceptionFilter
TlsGetValue
SetStdHandle
GetTempPathA
VirtualProtect
GetCPInfo

gdi32

Rectangle
RestoreDC
CreateFontIndirectW
GetDIBits
GetDeviceCaps

msvcrt

??1type_info@@UAE@XZ
_XcptFilter
memcpy
__dllonexit
_wcsicmp
malloc
_controlfp
_adjust_fdiv
wcsrchr
_unlock

ole32

CoCreateInstance
CoTaskMemFree

rpcrt4

RpcStringFreeW

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

09855346514b64bf1d5ed9ecbf371d6f

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

kernel32

gdi32

msvcrt

ole32

rpcrt4

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 51KB - Virtual size: 76KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 51KB - Virtual size: 76KB