2a6c41538e44a54f762658ec755006d7

Sharing

Copy URL Twitter E-mail

General

Target

2a6c41538e44a54f762658ec755006d7
Size

559KB
MD5

2a6c41538e44a54f762658ec755006d7
SHA1

48012aec4087c2f2c61f4de2e7b36f0aeb6c8e93
SHA256

2c981540f54f796d7cd9a1737b71de1f9a2808a829058fe04161ac7f0e33f878
SHA512

a49dc457fc9849cb3c786f33f7ded22728697c438c3984c61a6b526d07b3dc96ff1aa9b2251a9a591c04a2d74b86634bfac69231abd78ba02d68542ce3ea96ac
SSDEEP

12288:VRtdbGs/JiOOBf73xe8sbb7ONk8kTG0k+Jil1qL:Fd/81Bz3t3NgG0k+J8QL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a6c41538e44a54f762658ec755006d7

Files

2a6c41538e44a54f762658ec755006d7
.exe windows:4 windows x86 arch:x86

81975eacef81222be02d3e9d5ba6ea08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon

kernel32

LCMapStringA
CloseHandle
VirtualQueryEx
CreateSemaphoreA
LoadLibraryExA
WriteFile
HeapCreate
GetCPInfo
GetTempPathA
GetLocalTime
GetUserDefaultLangID
EnumResourceNamesW
LeaveCriticalSection
EnumResourceLanguagesW
SetThreadPriority
SetStdHandle
FindResourceExA
OpenWaitableTimerA
SuspendThread
GetCompressedFileSizeA
GlobalCompact
GetTickCount
InterlockedDecrement
GetStdHandle
InterlockedExchange
RtlUnwind
ReadFile
GetProcessShutdownParameters
lstrlenA
GetModuleFileNameW
GetWindowsDirectoryA
GlobalAddAtomA
TlsFree
MultiByteToWideChar
GetLastError
GlobalFindAtomA
GetEnvironmentVariableA
GetSystemTimeAdjustment
GlobalSize
GlobalFlags
RtlFillMemory
ReleaseSemaphore
QueryPerformanceCounter
SetFilePointer
InitializeCriticalSection
AllocConsole
GetCommandLineA
IsBadWritePtr
GetProcAddress
SetEnvironmentVariableA
GetProcAddress
VirtualQuery
ExitProcess
WriteConsoleOutputCharacterA
lstrcmpi
CommConfigDialogA
FormatMessageA
TransactNamedPipe
SetHandleCount
HeapDestroy
WaitForMultipleObjectsEx
TlsAlloc
InterlockedIncrement
TlsGetValue
GetStartupInfoA
GetStringTypeA
CopyFileA
GetModuleHandleA
GetCommandLineW
GetACP
HeapReAlloc
CompareStringA
CompareStringW
LCMapStringW
GetTimeZoneInformation
WaitCommEvent
SetCurrentDirectoryW
CreateProcessA
TerminateProcess
GetEnvironmentStrings
GetEnvironmentStringsW
CreateWaitableTimerW
GetModuleFileNameA
DeleteCriticalSection
GetShortPathNameW
OpenMutexA
GetCurrentProcessId
VirtualProtectEx
IsValidLocale
UnhandledExceptionFilter
GetThreadPriorityBoost
GetStartupInfoW
AddAtomA
LoadLibraryA
WritePrivateProfileSectionW
FreeEnvironmentStringsW
FlushFileBuffers
GetDriveTypeA
LocalShrink
SetEvent
GetLogicalDriveStringsW
EnumCalendarInfoA
GetStringTypeW
GetCurrentThread
CreateDirectoryW
GetSystemTime
TlsSetValue
VirtualFree
ReadConsoleA
SystemTimeToFileTime
CreatePipe
GetFileAttributesA
GetNumberFormatW
CreateMutexA
VirtualAlloc
FreeEnvironmentStringsA
GetNumberFormatA
EnterCriticalSection
HeapFree
AddAtomW
GetVersion
GetCurrentProcess
HeapAlloc
GetCurrentThreadId
GetSystemTimeAsFileTime
GetFileType
WideCharToMultiByte
SetLastError

shell32

SHLoadInProc
SHBrowseForFolderW
SHFreeNameMappings
SHGetInstanceExplorer
DragQueryFileW

wininet

GetUrlCacheEntryInfoA
InternetReadFileExW
InternetCreateUrlA
InternetConnectW

advapi32

InitiateSystemShutdownW
CryptContextAddRef
RegDeleteValueA
CryptSetProviderExW
CryptEnumProviderTypesA
LogonUserW
CryptGenKey
RegRestoreKeyA
RegCreateKeyW
CryptGetHashParam
CryptGetDefaultProviderA
RegFlushKey
RegSaveKeyW
RegCreateKeyA
CryptEnumProvidersA
RegOpenKeyExA
CryptEnumProvidersW
CryptDestroyHash
CryptImportKey
RegQueryMultipleValuesA
RegSaveKeyA

user32

RegisterClassExA
CreateWindowExW
RealGetWindowClass
FillRect
GetDesktopWindow
TranslateAcceleratorW
GetUserObjectSecurity
EnumDisplayDevicesA
GetIconInfo
GetActiveWindow
PackDDElParam
DdeFreeStringHandle
ChildWindowFromPoint
TranslateAcceleratorA
SetPropW
GetClassInfoW
OpenWindowStationW
RegisterClassA
ModifyMenuA
LoadKeyboardLayoutA
UnhookWindowsHook
SetCursor
SetDoubleClickTime
VkKeyScanA
IntersectRect
DefWindowProcA
CopyAcceleratorTableA
wsprintfA
SetMessageQueue
MessageBoxW
FlashWindow
CharPrevA
GetWindowRect
SetClassLongW
DestroyWindow
wvsprintfW
DdeQueryConvInfo
ShowWindow
GetThreadDesktop
SendDlgItemMessageA
DefFrameProcA
GrayStringW
SetWindowsHookW
BringWindowToTop
ChangeDisplaySettingsExA
DdeAccessData
InsertMenuItemA
LoadMenuIndirectW
CheckMenuItem
SetClassLongA

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81975eacef81222be02d3e9d5ba6ea08

Headers

File Characteristics

Imports

comctl32

kernel32

shell32

wininet

advapi32

user32

Sections

.text Size: 137KB - Virtual size: 136KB

.rdata Size: 249KB - Virtual size: 248KB

.data Size: 111KB - Virtual size: 123KB

.rsrc Size: 61KB - Virtual size: 61KB

.text
Size: 137KB - Virtual size: 136KB

.rdata
Size: 249KB - Virtual size: 248KB

.data
Size: 111KB - Virtual size: 123KB

.rsrc
Size: 61KB - Virtual size: 61KB