2ac51952c06f802acbfcf0a7af881c1a

Sharing

Copy URL Twitter E-mail

General

Target

2ac51952c06f802acbfcf0a7af881c1a
Size

621KB
MD5

2ac51952c06f802acbfcf0a7af881c1a
SHA1

dc5504261d0cf4ecef98bfc2eaabd7d968c540e2
SHA256

fe2f99bc854134515612ad8fa6d9acd8f26a347904eaa342167ed61c27762fd5
SHA512

3c407955bdd4a6c7b5febcf25e4b530028d1dcd115478a8f22cc4d5edebc843a165adae7eb465012b5a86e78dc41f74a4819a10e543bf979d3cc46372e21cb56
SSDEEP

12288:iEGRuJbuAFifoEvmImAjQVYeddpta9+AxChwO/wDr7P7MO4:PGkJDkvmIZEVYeddpG+AwwAwDr7j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac51952c06f802acbfcf0a7af881c1a

Files

2ac51952c06f802acbfcf0a7af881c1a
.exe windows:4 windows x86 arch:x86

1f2875caa7f30c157f6d7fddf8320824

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbarEx
ImageList_GetBkColor
ImageList_LoadImageW
ImageList_AddIcon
ImageList_GetImageRect
ImageList_Destroy
ImageList_Write
InitCommonControlsEx
DrawStatusTextA
ImageList_DragMove
ImageList_SetDragCursorImage
CreatePropertySheetPage
MakeDragList
ImageList_Remove
CreatePropertySheetPageW
ImageList_GetImageInfo
CreateToolbar
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_LoadImage
ImageList_DragLeave
ImageList_EndDrag

kernel32

GetWindowsDirectoryA
HeapReAlloc
GlobalDeleteAtom
ReadConsoleOutputAttribute
WideCharToMultiByte
GetACP
LocalUnlock
SetLocaleInfoA
GetEnvironmentStrings
CompareStringA
SetEnvironmentVariableA
GetEnvironmentStringsW
LocalShrink
FreeEnvironmentStringsW
GetLocaleInfoW
IsBadWritePtr
LoadLibraryA
GetTimeZoneInformation
GetStringTypeW
ReadConsoleW
SetPriorityClass
GetModuleHandleA
GetCurrentThread
WriteConsoleW
FlushFileBuffers
GetLocaleInfoA
GetModuleFileNameA
TerminateProcess
GetLongPathNameA
WriteConsoleOutputCharacterA
SetLastError
IsValidLocale
GetDateFormatA
TlsAlloc
WriteFileEx
ReadFile
UnhandledExceptionFilter
GetLastError
ExitProcess
FlushInstructionCache
GetUserDefaultLCID
WriteFile
VirtualLock
HeapCreate
EnterCriticalSection
HeapSize
GetCommandLineW
GetTickCount
CompareStringW
FindResourceExW
QueryPerformanceCounter
LCMapStringA
SetStdHandle
GetModuleFileNameW
HeapAlloc
CreateMailslotW
SetConsoleOutputCP
GetSystemInfo
GetVersionExA
GetStartupInfoW
GetStartupInfoA
GetOEMCP
ConvertDefaultLocale
GetStdHandle
AddAtomW
GetCurrentProcess
CreateMutexA
CommConfigDialogA
DosDateTimeToFileTime
FindNextFileW
VirtualAlloc
GetCurrentThreadId
GlobalCompact
TlsGetValue
VirtualProtect
GetProcAddress
InterlockedExchange
GetCurrentProcessId
EnumSystemLocalesA
VirtualQuery
TlsSetValue
GetCommandLineA
TlsFree
IsValidCodePage
GetStringTypeA
RtlUnwind
GetTimeFormatA
DeleteCriticalSection
FillConsoleOutputAttribute
GetCPInfo
SetHandleCount
GetFileType
LCMapStringW
FreeEnvironmentStringsA
HeapFree
OpenMutexA
LeaveCriticalSection
VirtualFree
MultiByteToWideChar
CloseHandle
OpenWaitableTimerA
GetSystemTimeAsFileTime
SetFilePointer
InitializeCriticalSection
HeapDestroy

user32

SwitchDesktop
ReuseDDElParam
CallMsgFilter
EnumPropsExW
RegisterClassW
OemToCharBuffW
SendMessageW
IntersectRect
LookupIconIdFromDirectory
SendIMEMessageExA
CreateWindowExW
OpenDesktopW
ShowWindowAsync
CascadeWindows
GetWindowDC
CharToOemA
TabbedTextOutA
SetRectEmpty
IsWindowUnicode
wsprintfW
WinHelpW
TrackPopupMenuEx
DefWindowProcA
RegisterClassExA
LoadMenuW
DispatchMessageW
CharPrevW
PeekMessageA
RegisterClassA
GetScrollPos
GetClipboardSequenceNumber
CreateDesktopW
GetWindowWord
GetSystemMetrics
DeleteMenu
OpenDesktopA
ExcludeUpdateRgn
BroadcastSystemMessageA
GetShellWindow
GetWindowRgn
UnpackDDElParam
PostMessageA
IsCharAlphaNumericW
GetMessagePos
DestroyMenu
SetUserObjectInformationA
EndTask
DestroyWindow
BeginDeferWindowPos
ShowWindow
CharNextW
GetCursorInfo
ReleaseCapture
EnumWindows
ShowOwnedPopups
SetWinEventHook
MessageBoxW
SetTimer
DialogBoxParamA
GetKeyboardType
CheckDlgButton
SetMessageQueue

Sections

.text
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f2875caa7f30c157f6d7fddf8320824

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 221KB - Virtual size: 220KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 117KB - Virtual size: 138KB

.rsrc Size: 30KB - Virtual size: 29KB

.text
Size: 221KB - Virtual size: 220KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 117KB - Virtual size: 138KB

.rsrc
Size: 30KB - Virtual size: 29KB