a132f8eaae752d342dac43cf88beb9ac

Sharing

Copy URL Twitter E-mail

General

Target

a132f8eaae752d342dac43cf88beb9ac
Size

127KB
MD5

a132f8eaae752d342dac43cf88beb9ac
SHA1

713e2735180bd152aafc6680b129de761b33c444
SHA256

16f323116e75fd7b327b7bb321577dfddbff039982c591ec635c70df84edd79a
SHA512

66fc2f6a7affcf9962eb789a869bec48bd9bc1a28a07e266a6a52892b79be3ff44b58d7055d3253e6178caa83e11c07398a40d8c06b707dd7216f582bca2165f
SSDEEP

3072:x7E1zv7uOH7ZnT0RmSbKKfvme1TheqcNJ0CtaEL:x7Qzv7uOlT0RHbKOlakeL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a132f8eaae752d342dac43cf88beb9ac

Files

a132f8eaae752d342dac43cf88beb9ac
.exe windows:4 windows x86 arch:x86

28ef6806cd30c2a4cd7187f956efb0f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassNameA
wsprintfA
BringWindowToTop
SetForegroundWindow
GetWindowTextA
EnumWindows
keybd_event
VkKeyScanA
ShowWindow
SetFocus

ws2_32

shutdown
recv
accept
connect
closesocket
send
inet_addr
gethostbyname
__WSAFDIsSet
select
listen
bind
htons
ioctlsocket
setsockopt
WSAStartup
WSACleanup
socket

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

FileTimeToSystemTime
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
HeapSize
TlsGetValue
Sleep
MultiByteToWideChar
ReadFile
WriteFile
TransactNamedPipe
CloseHandle
CreateFileA
WaitForSingleObject
GetLastError
CreateEventA
CopyFileA
WideCharToMultiByte
GetTickCount
CreateThread
DeleteFileA
CreateProcessA
OpenProcess
GetCurrentProcessId
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
ExitProcess
CreateMutexA
MoveFileA
GetTempPathA
ExitThread
SetFilePointer
GetFileSize
GetLocalTime
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
GetCurrentProcess
CreatePipe
GetComputerNameA
GetTimeFormatA
GetDateFormatA
FindClose
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
TerminateProcess
GetLogicalDrives
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
GetProcAddress
FreeLibrary
LoadLibraryA
lstrcpynA
lstrcmpA
lstrcpyA
lstrlenA
GetLocaleInfoA
GetVersionExA
GlobalAlloc
GlobalMemoryStatus
TerminateThread
HeapAlloc
HeapFree
RtlUnwind
GetTimeZoneInformation
GetSystemTime
InterlockedDecrement
InterlockedIncrement
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError

Sections

.text
Size: 86KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 27KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!ep
Size: 406B - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

28ef6806cd30c2a4cd7187f956efb0f5

Headers

File Characteristics

Imports

user32

ws2_32

version

kernel32

Sections

.text Size: 86KB - Virtual size: 190KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 27KB - Virtual size: 218KB

.rsrc Size: 5KB - Virtual size: 4KB

.!ep Size: 406B - Virtual size: 220KB

.text
Size: 86KB - Virtual size: 190KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 27KB - Virtual size: 218KB

.rsrc
Size: 5KB - Virtual size: 4KB

.!ep
Size: 406B - Virtual size: 220KB