a18038f1b3619ad545e27af5a3545334

Sharing

Copy URL

Twitter E-mail

General

Target

a18038f1b3619ad545e27af5a3545334
Size

431KB
MD5

a18038f1b3619ad545e27af5a3545334
SHA1

6ad7b743dd45f0bf7b7157abfcd887168d54f618
SHA256

00d0bfedb0565dd98b00dff6e3ec233ef51c4f28ab7c3192719b95ae0218f673
SHA512

dca9aff4fe06282bf58d36585539b3751ad7466ddb3ca008fe950f40120b0365f2021f6b27be90d828d285f06f87147a9e0b390b7b780e2118af6641acd35914
SSDEEP

12288:wSYrE0uAofjMicMPoND56G8WF4kiBNQv7LaU:wSYgUofjMicjZ4kiHC7t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a18038f1b3619ad545e27af5a3545334

Files

a18038f1b3619ad545e27af5a3545334
.exe windows:4 windows x86 arch:x86

eba6f1bb548883d5c6d4f35642f92dff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetACP
GetFileType
SetConsoleTextAttribute
GetLocaleInfoA
TerminateProcess
InitializeCriticalSection
HeapDestroy
IsBadWritePtr
GetCurrentThreadId
WideCharToMultiByte
CloseHandle
SetFilePointer
InterlockedIncrement
LocalFlags
GetSystemTimeAsFileTime
RtlUnwind
LCMapStringA
GetStringTypeA
GetEnvironmentStrings
TlsSetValue
DebugBreak
UnhandledExceptionFilter
TlsAlloc
HeapFree
TlsGetValue
DeleteCriticalSection
GlobalFindAtomA
GetOEMCP
SetConsoleCtrlHandler
GetThreadLocale
GetVersion
CreateDirectoryExA
GetLastError
SetHandleCount
HeapCreate
GetCurrentProcess
EnumSystemLocalesA
GetCommandLineA
GetStringTypeW
GetStdHandle
FlushFileBuffers
GetCPInfo
SetLastError
RemoveDirectoryW
LeaveCriticalSection
TlsFree
GetPrivateProfileSectionNamesA
GetModuleFileNameA
LCMapStringW
GetProcAddress
LoadLibraryExW
HeapValidate
GetStartupInfoA
HeapAlloc
AddAtomA
VirtualFree
WriteFile
FillConsoleOutputCharacterA
HeapReAlloc
OutputDebugStringA
GetTickCount
FreeEnvironmentStringsW
FillConsoleOutputCharacterW
GetModuleHandleA
LoadLibraryA
VirtualAlloc
InterlockedDecrement
lstrcatW
FindResourceA
EnterCriticalSection
InterlockedExchange
TryEnterCriticalSection
VirtualQuery
QueryPerformanceCounter
VirtualProtectEx
FreeEnvironmentStringsA
GetEnvironmentStringsW
MultiByteToWideChar
GetCurrentProcessId
IsBadReadPtr
ExitProcess
SetStdHandle

advapi32

RegCloseKey
CryptGetKeyParam
CryptDestroyHash
AbortSystemShutdownW
LookupAccountSidW
CryptEncrypt
RegFlushKey
RegEnumKeyW
CryptEnumProviderTypesA
LookupPrivilegeValueW
RegConnectRegistryW
CryptEnumProvidersA
CryptDeriveKey
CryptVerifySignatureA
CryptExportKey
LookupPrivilegeDisplayNameW
LookupPrivilegeDisplayNameA
LookupSecurityDescriptorPartsW
StartServiceW
RegEnumKeyA

comdlg32

ChooseColorA
GetFileTitleA
ReplaceTextW
PrintDlgA

gdi32

EnumFontFamiliesExW
CreateDCW
PolyTextOutW
SetBoundsRect
GetICMProfileA
DeleteEnhMetaFile
GetCurrentPositionEx
Rectangle
PolyBezierTo
GetViewportExtEx
GetCharWidth32W
CheckColorsInGamut
GetClipRgn
StrokePath
FillPath
GetStretchBltMode
GetCharABCWidthsA
RemoveFontResourceA
PlayEnhMetaFileRecord
GetMetaFileA
AddFontResourceW
FlattenPath
CreateMetaFileW
GetTextExtentPoint32W
CreateHatchBrush

shell32

RealShellExecuteExA
SHUpdateRecycleBinIcon
SHGetFileInfoA

wininet

HttpSendRequestExW
InternetSecurityProtocolToStringA

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eba6f1bb548883d5c6d4f35642f92dff

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

gdi32

shell32

wininet

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 7KB - Virtual size: 17KB

.data Size: 282KB - Virtual size: 282KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 7KB - Virtual size: 17KB

.data
Size: 282KB - Virtual size: 282KB

.rsrc
Size: 4KB - Virtual size: 3KB