a12d7523b722327c9383a1d0f8414d52

Sharing

Copy URL Twitter E-mail

General

Target

a12d7523b722327c9383a1d0f8414d52
Size

419KB
MD5

a12d7523b722327c9383a1d0f8414d52
SHA1

49d5f4bb65a2a9cedbaf2414f6e250595de68ce3
SHA256

01173af548174c66e7d3e9e679c57f4f405217e29dd25005ad32735f199f83d1
SHA512

9c0b81e9f51b1243d1db58908fac6a35117d982c030b86bf6bc3ce13f8e767106062a040efed1c236507dbf86cfe1c2ec5bc65298881b6b011ff00df1547fd7f
SSDEEP

12288:C/1PELUbhXORs6bLGbiDF1R3tkDYMoH3:C/xELUAu6bL91R3tkD0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a12d7523b722327c9383a1d0f8414d52

Files

a12d7523b722327c9383a1d0f8414d52
.exe windows:4 windows x86 arch:x86

82aee6a7d6c7d79c82817c9d07f194ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconExA
SHGetSpecialFolderPathA
SHGetDesktopFolder

advapi32

CryptContextAddRef
RegNotifyChangeKeyValue
CryptSetProviderW
RegQueryValueA
LookupPrivilegeValueW
CreateServiceA
CryptExportKey
LookupAccountSidW
CreateServiceW
RegFlushKey
CryptAcquireContextW
CryptSetProvParam
LookupAccountSidA
CryptCreateHash
CryptVerifySignatureA
RegCreateKeyExA
CryptDecrypt
CryptEnumProvidersW
RegQueryInfoKeyA
RegRestoreKeyA
RevertToSelf
CryptSignHashW
RegConnectRegistryA

comdlg32

GetOpenFileNameW
ReplaceTextA

comctl32

ImageList_Destroy
ImageList_SetIconSize
ImageList_AddIcon
ImageList_SetOverlayImage
ImageList_DragMove
CreatePropertySheetPageW
ImageList_Add
ImageList_Copy
InitCommonControlsEx
CreateToolbar
ImageList_LoadImageW
ImageList_SetFilter
ImageList_Create
CreateStatusWindow
ImageList_GetBkColor
ImageList_GetImageRect
ImageList_DrawIndirect
DrawStatusTextA
ImageList_Merge
ImageList_AddMasked
InitMUILanguage

user32

GetProcessDefaultLayout
DdeKeepStringHandle
SetCaretBlinkTime
GetKeyboardLayoutNameA
MapVirtualKeyExW
DefDlgProcA
PaintDesktop
ChangeMenuA
ShowWindow
RegisterClassA
DefWindowProcW
FindWindowExA
ExcludeUpdateRgn
DestroyWindow
SetUserObjectInformationW
MsgWaitForMultipleObjects
IsZoomed
UnregisterHotKey
DdeFreeDataHandle
CreateWindowExW
ShowOwnedPopups
AdjustWindowRectEx
DragObject
MessageBoxA
SetMenuItemBitmaps
GetClassInfoExW
ReleaseCapture
GetClassInfoExA
RegisterClassExA

wininet

FtpGetFileSize
HttpSendRequestExA
InternetWriteFile
InternetAlgIdToStringA

kernel32

SetUnhandledExceptionFilter
IsValidLocale
GetCurrentProcessId
TlsSetValue
FreeEnvironmentStringsA
EnterCriticalSection
VirtualAlloc
VirtualFree
InterlockedDecrement
GetTempFileNameA
GetCPInfo
GetACP
GetModuleHandleW
LoadLibraryA
ExitProcess
TlsGetValue
SetLastError
SetHandleCount
CloseHandle
OpenMutexA
GetStringTypeW
CreateMutexA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
IsValidCodePage
HeapSize
GetDateFormatA
GetEnvironmentStringsW
Sleep
TlsAlloc
GetLocaleInfoA
GetUserDefaultLCID
ReadConsoleW
UnhandledExceptionFilter
GetTimeZoneInformation
GetEnvironmentStrings
GetFileType
HeapFree
GetLastError
MultiByteToWideChar
GetCurrentProcess
SetFilePointer
GetCurrentThread
WriteConsoleA
FindNextFileW
ReadFile
InterlockedIncrement
InterlockedExchange
CreateFileMappingA
GetConsoleCP
WideCharToMultiByte
CompareStringW
SetStdHandle
GetStdHandle
HeapAlloc
TlsFree
LCMapStringA
DeleteCriticalSection
GetOEMCP
GetModuleHandleA
GetCurrentThreadId
GetTickCount
SetEnvironmentVariableA
TerminateProcess
GetTimeFormatA
HeapReAlloc
GetThreadLocale
GetModuleFileNameA
VirtualQuery
LeaveCriticalSection
GetSystemTimeAsFileTime
WriteConsoleW
GetProcAddress
GetConsoleMode
RtlUnwind
CreateMailslotA
QueryPerformanceCounter
GetCommandLineA
SetConsoleCtrlHandler
FlushFileBuffers
HeapCreate
CreateFileA
GetStringTypeA
GetStartupInfoA
IsDebuggerPresent
WriteFile
GetConsoleOutputCP
HeapDestroy
EnumSystemLocalesA
LCMapStringW
FreeLibrary
CompareStringA
GetLocaleInfoW
EnumCalendarInfoExA

Sections

.text
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82aee6a7d6c7d79c82817c9d07f194ac

Headers

File Characteristics

Imports

shell32

advapi32

comdlg32

comctl32

user32

wininet

kernel32

Sections

.text Size: 269KB - Virtual size: 268KB

.rdata Size: 44KB - Virtual size: 73KB

.data Size: 96KB - Virtual size: 96KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 269KB - Virtual size: 268KB

.rdata
Size: 44KB - Virtual size: 73KB

.data
Size: 96KB - Virtual size: 96KB

.rsrc
Size: 8KB - Virtual size: 8KB