2ab50c35c9d0d4fb8f894d50df877ab6

Sharing

Copy URL Twitter E-mail

General

Target

2ab50c35c9d0d4fb8f894d50df877ab6
Size

380KB
MD5

2ab50c35c9d0d4fb8f894d50df877ab6
SHA1

ca3d4aa5528074125162e2c25654638e8fe626fb
SHA256

0f7774d71d7eb2d8f2c181cc2b9fb4c0fd250d43dfc602c3827907812551f4c2
SHA512

3ac7999d805bd25e7af5d0c7759e1ea844107966dc850a794f0b0a05dbef7afff45a451748fd8e865b746223793399f122659b262f69954c9827663b7af0c922
SSDEEP

6144:43dtzWsLSxKmoZY9iHcRIUl8FexagLu+pyMCnTG60F5K4P0Mk3vQpRnmF28/DWL2:wdZWsFTZY9ll8OaWyMyG60F5K4PP7DmZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ab50c35c9d0d4fb8f894d50df877ab6

Files

2ab50c35c9d0d4fb8f894d50df877ab6
.exe windows:4 windows x86 arch:x86

a21bfba4fd76405f373fbbd21bae9c44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorW

gdi32

ScaleWindowExtEx
CreateEllipticRgn
GetEnhMetaFileDescriptionW
CreateCompatibleBitmap

advapi32

RegOpenKeyW
CryptDuplicateKey

wininet

FtpPutFileEx
InternetHangUp
DeleteUrlCacheContainerW
InternetSetOptionExA
FindFirstUrlCacheEntryW
GopherCreateLocatorW
InternetQueryOptionW
GetUrlCacheConfigInfoW
CreateUrlCacheContainerW
SetUrlCacheEntryInfoA
InternetSetDialStateA
FindNextUrlCacheContainerW
FindFirstUrlCacheEntryExW
HttpEndRequestW
InternetAutodial

kernel32

TlsGetValue
MoveFileA
TerminateProcess
GetTickCount
HeapAlloc
SetLastError
LoadLibraryA
GetProcAddress
HeapReAlloc
GetEnvironmentStringsW
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetStartupInfoW
GetProfileIntA
DeleteCriticalSection
InitializeCriticalSection
GetFileType
GetStartupInfoA
ExitProcess
VirtualQuery
CreateSemaphoreW
GetModuleFileNameA
OpenWaitableTimerW
SetSystemTime
GetTimeFormatA
VirtualAlloc
GetCommandLineW
RtlUnwind
LeaveCriticalSection
SetFileAttributesA
FillConsoleOutputCharacterA
ReadConsoleOutputCharacterW
TlsSetValue
VirtualFree
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
EnterCriticalSection
GetModuleFileNameW
EnumDateFormatsW
GetModuleHandleA
HeapCreate
GetCurrentProcess
InterlockedExchange
SetHandleCount
GetStdHandle
GetCurrentProcessId
GetCurrentThreadId
UnhandledExceptionFilter
GetCurrentThread
EnumDateFormatsExA
TlsFree
ReadConsoleA
QueryPerformanceCounter
HeapFree
SetLocaleInfoA
InterlockedExchangeAdd
GetCurrentDirectoryA
GetCommandLineA
GetVersion
HeapDestroy
MultiByteToWideChar
TransactNamedPipe
TlsAlloc
GetLastError
WriteFile

shell32

SHInvokePrinterCommandW
DragQueryFileW
InternalExtractIconListA
SHGetDataFromIDListA
SHGetFileInfo
SHGetFileInfoA
CommandLineToArgvW
SHEmptyRecycleBinW
ExtractIconExA
CheckEscapesW
DragQueryPoint
ExtractIconExW
ShellExecuteExW
SHFormatDrive
SheChangeDirA
SheChangeDirExW
ExtractIconA
SHLoadInProc

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a21bfba4fd76405f373fbbd21bae9c44

Headers

File Characteristics

Imports

comdlg32

gdi32

advapi32

wininet

kernel32

shell32

Sections

.text Size: 108KB - Virtual size: 108KB

.data Size: 265KB - Virtual size: 264KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 108KB - Virtual size: 108KB

.data
Size: 265KB - Virtual size: 264KB

.rsrc
Size: 6KB - Virtual size: 5KB