5a2112fc914bb204a57c2f29e435193d

Sharing

Copy URL

Twitter E-mail

General

Target

5a2112fc914bb204a57c2f29e435193d
Size

361KB
MD5

5a2112fc914bb204a57c2f29e435193d
SHA1

1c06cebb65078ce119855e469e5c325901a8a775
SHA256

3ecb760df42592bc30fb0bf55e0e7263a249fc3a7d85b5e6c560421254463212
SHA512

4b902e68c5712169007f1cfc7051298e47cd8535c80a92cef9a565fe1ece5db4e74480d5a3db621b08eebf2fa0225503c26818589aa1bfccf69574c382f04112
SSDEEP

6144:OC2mN9DwFYI1IUe8QGls4n8krZmbKkjMvnAufVYCNvjz98QDTPHap12bKQh+a+Qr:OC2mN9DwaI11e8plakrZ+KkjMvn3N76i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a2112fc914bb204a57c2f29e435193d

Files

5a2112fc914bb204a57c2f29e435193d
.exe windows:4 windows x86 arch:x86

ce757e7cd1d26d7b4d7cd3d7a8d14f51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GlobalDeleteAtom
TlsFree
LoadLibraryExA
GetProfileIntW
GetNamedPipeHandleStateW
DeleteCriticalSection
ReadFile
WriteFileGather
EnumDateFormatsExA
SetThreadLocale
OutputDebugStringW
Thread32Next
RemoveDirectoryA
GetLogicalDriveStringsW
GlobalReAlloc
ReadConsoleA
GetTimeFormatA
GetWindowsDirectoryW
GetPrivateProfileSectionNamesW
FreeEnvironmentStringsA
WriteConsoleOutputW
FormatMessageW
GlobalLock
CreateDirectoryExW
GetThreadPriority
lstrcat
InterlockedDecrement
CreateConsoleScreenBuffer
InitializeCriticalSectionAndSpinCount
GetProcessTimes
GetNamedPipeInfo
GetDriveTypeA
WaitForSingleObject
WriteConsoleOutputA
SetSystemTime
SetFileAttributesW
Toolhelp32ReadProcessMemory
GetShortPathNameW
ReadConsoleOutputCharacterA
GlobalUnfix
GetNumberFormatW
LoadModule
DisableThreadLibraryCalls
GetProcessHeap
FlushConsoleInputBuffer
ReadDirectoryChangesW
GetProfileIntA
GetNumberFormatA
GetTempFileNameW
FindFirstFileExW
GetVersion
OpenEventW
GetSystemTimeAdjustment
GetCurrencyFormatA
ExpandEnvironmentStringsA
WaitNamedPipeA
ReadConsoleOutputA
lstrcmpi
CreateRemoteThread
FoldStringW
CreateWaitableTimerA
GetDiskFreeSpaceA

user32

GetProcessDefaultLayout
InsertMenuItemA
GetListBoxInfo
SetPropW
GetWindowTextW
CreateDialogIndirectParamA
DdeConnectList
UnregisterClassA
IntersectRect
EndDialog
CreateWindowStationA
ModifyMenuA
DdeDisconnectList
GetWindowLongW
DrawMenuBar
GetKeyNameTextW
FindWindowExW
EnableScrollBar
EndDeferWindowPos
CreateDesktopW
GetClientRect
DialogBoxParamA
SetWindowTextW
FrameRect
ReuseDDElParam
ChangeMenuA
RegisterWindowMessageW
GetFocus
GetClassNameW

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce757e7cd1d26d7b4d7cd3d7a8d14f51

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 97KB - Virtual size: 97KB

.data Size: 249KB - Virtual size: 248KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 97KB - Virtual size: 97KB

.data
Size: 249KB - Virtual size: 248KB

.reloc
Size: 14KB - Virtual size: 13KB