2ac1536897f5cc9528396e2ab8f1113d

Sharing

Copy URL

Twitter E-mail

General

Target

2ac1536897f5cc9528396e2ab8f1113d
Size

88KB
MD5

2ac1536897f5cc9528396e2ab8f1113d
SHA1

a9c2478d6af510d38d15185a4c45b52a1730d34d
SHA256

727a1ef7a303dac5d775cd484cd38bab243b712362fa5ef9b337980ab1751676
SHA512

bd51fd0b9c2b3a5d06f790ce4c94378dfa6f775971b296f9f32377ee59148df8a2d4bfc92ec47c74cb6a8525030323f1103b88b1c00a0b661dda53c0e6e359ec
SSDEEP

1536:s8YO75Wz0OUXJFda19WWuc728KAFctq0WvaTOd+w+fXjlWQlomc:srzGdGecaCoquO0w+fXjlWQlomc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac1536897f5cc9528396e2ab8f1113d

Files

2ac1536897f5cc9528396e2ab8f1113d
.exe windows:4 windows x86 arch:x86

a6d0ab1a3d9b0bb5dcc205ee4114cc7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetSystemDirectoryA
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetModuleHandleA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
ReadFile
GetStartupInfoA
GetWindowsDirectoryA
GetLocalTime
SetLocalTime
LoadLibraryA
GetModuleFileNameA
SetStdHandle
GetCPInfo
GetOEMCP
LocalFree
CopyFileA
GetLastError
FindClose
Sleep
ReleaseMutex
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcpyA
CreateThread
lstrlenA
DeleteFileA
WaitForSingleObject
WriteFile
RaiseException
CloseHandle
CreateFileA
DeleteCriticalSection
SetEndOfFile
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
InitializeCriticalSection
GetProcAddress
GetStringTypeW
GetStringTypeA
SetFilePointer
HeapFree
RtlUnwind
ExitProcess
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
HeapSize
FlushFileBuffers

user32

DefWindowProcA
CharNextA
DestroyWindow

advapi32

RegisterServiceCtrlHandlerA
QueryServiceStatus
StartServiceCtrlDispatcherA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
ChangeServiceConfig2A
StartServiceA
SetServiceStatus

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr
VariantClear

comctl32

InitCommonControlsEx

wininet

InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCrackUrlA
InternetGetConnectedState
InternetCloseHandle

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6d0ab1a3d9b0bb5dcc205ee4114cc7f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 8KB - Virtual size: 7KB