Static task
static1
Behavioral task
behavioral1
Sample
a0845afdf82b15c75af92db439ba3bc2.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a0845afdf82b15c75af92db439ba3bc2.exe
Resource
win10v2004-20240221-en
General
-
Target
a0845afdf82b15c75af92db439ba3bc2
-
Size
102KB
-
MD5
a0845afdf82b15c75af92db439ba3bc2
-
SHA1
ab9be620277a31c16c5f383736bbfeabc07e2d38
-
SHA256
e260834c8a7d207e4b222057b159836b9f94e4a151f64e95a5cfee5944c25c53
-
SHA512
a39b8f52bbfda190605f278def8c6410f9ed219f515df1662846b501160ea5166861e751c191707747e0bd51ffaea8c23a49ad608c0ba25aeba728a0e58f19f7
-
SSDEEP
1536:2kJ+FHQKYSt44xsDgDAiV5lFJkgAcy6yYFm7qyB5qNg92m1sOcln4cV:2pjIbDgDAA5lTkcy+Fm7fcC2P4cV
Malware Config
Signatures
-
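Unsigned PE (1 IoC)
Static check: the sample carries no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.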
resource a0845afdf82b15c75af92db439ba3bc2
Files
-
a0845afdf82b15c75af92db439ba3bc2.exe windows:4 windows x86 arch:x86
1e3eeb557d7629303129e03d35e3b50b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
CreateProcessA
GetSystemInfo
GetTimeZoneInformation
CreateEventA
CreateEventW
SetEvent
ResetEvent
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FindFirstFileA
FindNextFileA
FindClose
GetStringTypeW
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
SetFileAttributesW
HeapAlloc
HeapCreate
HeapDestroy
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
UnmapViewOfFile
MapViewOfFile
LoadLibraryA
LoadLibraryW
GetProcAddress
CreateFileA
ReadFile
CloseHandle
QueryPerformanceCounter
CreateFileW
WriteFile
lstrcmpiA
GetShortPathNameA
IsBadReadPtr
GetExitCodeProcess
CreateMutexA
ReleaseMutex
IsDebuggerPresent
LoadLibraryExA
FormatMessageA
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentProcessId
GetVersion
GetFileAttributesA
ExpandEnvironmentStringsA
LCMapStringA
SetLastError
FindResourceA
FindResourceW
LoadResource
SizeofResource
LockResource
FreeResource
OpenMutexA
GetConsoleOutputCP
GlobalFree
LoadLibraryExW
OpenProcess
CreateThread
GetCurrentThreadId
GetCurrentThread
ResumeThread
ExitThread
TerminateThread
FreeEnvironmentStringsA
CreateFileMappingA
GetFileSize
GetACP
InterlockedDecrement
FreeEnvironmentStringsW
FindFirstFileW
FindNextFileW
SetEnvironmentVariableA
SetEndOfFile
FileTimeToDosDateTime
GlobalHandle
GetFileAttributesW
CompareStringA
GetCommandLineA
GetVersionExW
GetLocaleInfoA
GetDateFormatA
InterlockedCompareExchange
CompareStringW
SetFileTime
LocalFree
WriteConsoleA
SetErrorMode
GetCPInfo
lstrcmpiW
MultiByteToWideChar
GetDiskFreeSpaceA
MulDiv
OutputDebugStringA
GetDriveTypeA
IsBadCodePtr
ExitProcess
lstrcmpA
GetWindowsDirectoryA
WideCharToMultiByte
LocalAlloc
Sleep
GetVersionExA
SetFilePointer
RtlUnwind
SetThreadLocale
GetFullPathNameA
MoveFileA
CreateProcessW
LocalFileTimeToFileTime
GetEnvironmentStrings
VirtualProtect
GetModuleHandleA
GetStringTypeExA
GetModuleFileNameA
CompareFileTime
DeleteFileA
IsValidCodePage
lstrcpynA
SetThreadPriority
GetExitCodeThread
lstrcatA
GetStartupInfoW
TerminateProcess
EnumCalendarInfoA
GetCommandLineW
GetConsoleMode
CopyFileA
GetFileType
SystemTimeToFileTime
InterlockedExchange
IsBadWritePtr
GlobalReAlloc
GetOEMCP
SetHandleCount
DisableThreadLibraryCalls
DuplicateHandle
GetSystemDirectoryW
GetCurrentDirectoryA
WaitForSingleObject
VirtualAlloc
msvcrt
__CxxFrameHandler
_unlock
_except_handler3
_errno
memcpy
strtoul
getenv
rename
tolower
isspace
setlocale
_getch
strcpy
towupper
realloc
_umask
_open
isdigit
fread
fopen
strcspn
_controlfp
_c_exit
_fdopen
__p__fmode
_wcsnicmp
_stricmp
_fstat
isxdigit
strrchr
strtok
exit
cos
_wtoi
fgets
_wcsicmp
fclose
wcstoul
_mktemp
_mkdir
_strdup
memchr
_vsnprintf
iswctype
_strnicmp
wcstol
vsprintf
__initenv
_read
_amsg_exit
_CIpow
_close
_acmdln
wcsncpy
ungetc
wcschr
__badioinfo
_flsbuf
__p__environ
pow
ctime
wctomb
_iob
strlen
_itoa
_setjmp3
_beginthreadex
__set_app_type
wcsrchr
longjmp
isleadbyte
wcsstr
_lseek
fsetpos
_lseeki64
putchar
_filbuf
strncpy
_initterm
atoi
fgetpos
towlower
atexit
_dup2
atof
_isatty
_fullpath
_assert
puts
_unlink
fputc
localeconv
_XcptFilter
atol
log
wcscspn
abort
wcscat
_exit
strcmp
memcmp
perror
__mb_cur_max
wcslen
_wfopen
__p__commode
__dllonexit
_wtol
_chmod
_purecall
rand
_onexit
swscanf
_stat
memmove
strerror
_ftol
qsort
fprintf
_osver
malloc
fseek
memset
_setmode
_vsnwprintf
wcscmp
clock
fflush
_utime
__p___initenv
_cexit
_fileno
time
_lock
fgetc
_kbhit
strncat
signal
_snprintf
_snwprintf
_pctype
remove
strpbrk
sscanf
__getmainargs
calloc
strncmp
clearerr
strstr
_mbsrchr
free
sin
ftell
_getpid
_getcwd
_itow
_strcmpi
strtol
_putenv
fwrite
bsearch
strchr
_mbsicmp
swprintf
rewind
_isctype
strspn
_get_osfhandle
strcat
_pipe
wcsncmp
__pioinfo
_mbscmp
_setjmp
floor
ceil
fputs
_ultoa
wcstombs
sprintf
sqrt
iswdigit
_CIsqrt
gmtime
_filelengthi64
_wcslwr
localtime
srand
_write
_open_osfhandle
user32
EndDialog
IntersectRect
GetWindowDC
DestroyCursor
DrawIconEx
FrameRect
ReleaseCapture
SetCapture
MapWindowPoints
UnregisterClassA
CharLowerA
SetActiveWindow
GetFocus
IsIconic
PostMessageA
DestroyWindow
GetDCEx
CreateWindowExA
UnhookWindowsHookEx
CheckMenuItem
SetTimer
PeekMessageA
RegisterClassA
ClientToScreen
GetClassInfoA
SetWindowTextA
GetMenu
GetMessagePos
GetDesktopWindow
SetScrollPos
RemoveMenu
IsWindowVisible
DeleteMenu
GetKeyboardType
GetClientRect
GetMenuItemCount
GetMenuItemID
ScrollWindow
RegisterClipboardFormatA
DefWindowProcA
ShowOwnedPopups
PtInRect
LoadBitmapA
TranslateMessage
RegisterWindowMessageA
GetScrollRange
BeginPaint
SetScrollInfo
EndPaint
CreatePopupMenu
PostQuitMessage
SetForegroundWindow
GetSubMenu
SetWindowsHookExA
SetMenu
GetIconInfo
SystemParametersInfoA
OemToCharA
GetKeyState
EnableWindow
ShowCursor
GetScrollPos
GetSysColor
DrawIcon
EnableMenuItem
EqualRect
GetWindowRect
CharNextA
SetClassLongA
CreateMenu
SetCursor
WindowFromPoint
GetMessageA
SetFocus
GetMenuStringA
GetClassNameA
AdjustWindowRectEx
GetSystemMetrics
GetScrollInfo
GetWindowThreadProcessId
SendDlgItemMessageA
SetPropA
ReleaseDC
SetClipboardData
GetLastActivePopup
DestroyIcon
SetScrollRange
GetForegroundWindow
IsWindowEnabled
LoadStringA
DrawEdge
WaitMessage
DialogBoxParamA
GetDC
FillRect
GetActiveWindow
wsprintfA
SendMessageA
GetSystemMenu
CallWindowProcA
GetMenuState
IsChild
DispatchMessageA
SetWindowLongA
DrawFrameControl
DrawMenuBar
KillTimer
ShowWindow
SetWindowPlacement
InsertMenuItemA
LoadIconA
GetWindowTextA
OffsetRect
GetCapture
SetRect
InsertMenuA
TrackPopupMenu
WinHelpA
EnumWindows
DestroyMenu
GetTopWindow
MessageBeep
GetPropA
GetWindowPlacement
ScreenToClient
IsRectEmpty
InvalidateRect
OpenClipboard
GetWindowLongA
GetWindow
CallNextHookEx
InflateRect
EmptyClipboard
IsZoomed
UpdateWindow
EnumThreadWindows
GetCursorPos
IsDialogMessageA
DrawTextA
MessageBoxA
Sections
.text Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ