a152fe83fb4b52782cad61e2ca58a746

Sharing

Copy URL Twitter E-mail

General

Target

a152fe83fb4b52782cad61e2ca58a746
Size

100KB
MD5

a152fe83fb4b52782cad61e2ca58a746
SHA1

b097801b9d8b785e77760871140febbab5a41c0c
SHA256

9d60e35c6583959dd0583eb69acf722e4e694f4ed280577ae595fa4993b82730
SHA512

784dcbaa4b26b1de1558e7587e1e9c05f93f2ab6343805409fb1a3bcd9d5d6d9106b498ce10f66c7f02267f6673155f46671419325cbc9ecb5d3a3598206089f
SSDEEP

1536:6p8T4io8ujZq9B/PV59Rq8kJJZHOkRoiwYK4lmp5CQpAPO:0io1jZmBPjTLKHdLmpn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a152fe83fb4b52782cad61e2ca58a746

Files

a152fe83fb4b52782cad61e2ca58a746
.exe windows:4 windows x86 arch:x86

17506006d49594fd6072f8fc61c483b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyA
RegCreateKeyExW
RegOpenKeyW
RegEnumValueW
RegLoadKeyW
RegOpenKeyExA
RegFlushKey
RegLoadKeyA
RegOpenKeyA
RegOpenKeyExW
RegReplaceKeyA
RegEnumKeyW
RegQueryInfoKeyA
RegDeleteValueA
RegQueryValueW
RegEnumValueA
RegOpenKeyA
RegEnumKeyExA
RegEnumValueA
RegCreateKeyW
RegFlushKey
RegReplaceKeyW
RegDeleteValueW
RegReplaceKeyA
RegQueryInfoKeyW
RegQueryValueExA
RegDeleteKeyA
RegQueryValueW
RegEnumKeyW
RegEnumKeyExW
RegLoadKeyA
RegOpenKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegEnumKeyW
RegCreateKeyExA
RegQueryInfoKeyW
RegQueryValueW
RegOpenKeyExW
RegFlushKey
RegCreateKeyW
RegQueryValueA
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyA
RegEnumKeyExW
RegQueryValueW
RegReplaceKeyW
RegCreateKeyW
RegQueryValueExA
RegOpenKeyExW
RegDeleteKeyW
RegFlushKey
RegOpenKeyW
RegLoadKeyA
RegReplaceKeyA

gdi32

GetBrushOrgEx
GetBitmapBits
BeginPath
ExcludeClipRect
GetPixel
AddFontMemResourceEx
GetClipBox
BitBlt
CloseFigure
SetTextColor
ClearBitmapAttributes
GetPixel
CloseMetaFile
CreateSolidBrush
AbortPath
RestoreDC
AddFontResourceW
AddFontResourceA
CancelDC
DeleteDC
ExtTextOutA
ClearBrushAttributes
GetBrushOrgEx
AddFontMemResourceEx
CloseFigure
BitBlt
AddFontResourceW
GetPixel
GetDCOrgEx
CopyMetaFileA
AddFontResourceExW
GetCurrentPositionEx
AbortPath
SetTextColor

kernel32

GetCPInfo
WriteFile
GetComputerNameA
CreateThread
SetLastError
CreateDirectoryA
Sleep
GetStdHandle
ReadConsoleA
CopyFileExW
FindAtomA
DeleteFileW
FindFirstFileA
GlobalFree
GetCommandLineA
GetConsoleMode
CreateProcessA
DeleteAtom

comctl32

ImageList_DragLeave
ImageList_Read
ImageList_DragMove
ImageList_GetIcon
ImageList_Merge
ImageList_DrawEx
ImageList_AddIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_EndDrag
ImageList_LoadImage
ImageList_Remove
ImageList_LoadImageW
ImageList_Replace

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17506006d49594fd6072f8fc61c483b1

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

comctl32

Sections

.text Size: 8KB - Virtual size: 6KB

.data Size: 68KB - Virtual size: 67KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 6KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 56KB

.text
Size: 8KB - Virtual size: 6KB

.data
Size: 68KB - Virtual size: 67KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 6KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 56KB