a1efbe1b74686232d42571c14c22c28f

Sharing

Copy URL Twitter E-mail

General

Target

a1efbe1b74686232d42571c14c22c28f
Size

702KB
MD5

a1efbe1b74686232d42571c14c22c28f
SHA1

8f09d84246e618eecf23063581ee05b02066ef98
SHA256

fd72b4cbcd949f468b9f00bfc9d0f47625df5922e3b4281998fa9ae8686e769d
SHA512

c9686459e41b39ad0c776d3db7d748f1325b9b4caa670147e726bd86a3990dda2c964e41ad64da0bc52c4f35786ee904bc829917ebfbe3102e69dd1fe16e1708
SSDEEP

12288:HdinYrNTUCgnsCBMXpOi/kqIVuvYoabW+S2jXj1gB7WpayaDvVxnFN8:H0tmXpB/YoabW+S+j1I7+k5S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1efbe1b74686232d42571c14c22c28f

Files

a1efbe1b74686232d42571c14c22c28f
.exe windows:4 windows x86 arch:x86

cd9b92724fa577240402221707746df3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetShellWindow
SetClassLongW
RegisterClassA
RegisterClassExA

advapi32

CryptSetHashParam
RegOpenKeyA
RegLoadKeyW
CreateServiceW
CryptSetProvParam
CryptDestroyKey
RegQueryValueExW
LookupSecurityDescriptorPartsW
RegSetValueExA
CryptGetProvParam
RegCreateKeyExW
CryptGetDefaultProviderW

comctl32

InitCommonControlsEx

gdi32

SelectClipRgn
SetPaletteEntries
GetTextExtentPointA
GetLogColorSpaceW
Arc
RectInRegion
GdiPlayDCScript
SetICMProfileA
EnumFontFamiliesExA
SetRectRgn
SetBitmapBits
CreateRectRgnIndirect
GetWindowExtEx
StretchDIBits
RemoveFontResourceW
SetAbortProc

kernel32

GetModuleFileNameW
GetDateFormatA
HeapAlloc
FreeLibrary
WriteConsoleW
LocalFlags
GetModuleFileNameA
FreeEnvironmentStringsA
InitializeCriticalSection
TlsSetValue
OpenMutexA
SetFilePointer
GetCurrentProcess
HeapDestroy
IsBadReadPtr
GetFileType
SetConsoleCtrlHandler
GetConsoleCP
CloseHandle
HeapFree
GetStdHandle
CompareStringW
OutputDebugStringA
FreeEnvironmentStringsW
InterlockedIncrement
SetStdHandle
CreateFileA
GetLastError
QueryPerformanceCounter
MultiByteToWideChar
GetModuleHandleA
InterlockedDecrement
DebugBreak
GetStringTypeA
VirtualQuery
GetStartupInfoW
OutputDebugStringW
CompareStringA
EnterCriticalSection
VirtualAlloc
HeapCreate
TlsGetValue
GetUserDefaultLCID
VirtualFree
GetSystemTimeAsFileTime
GetEnvironmentStrings
SetUnhandledExceptionFilter
GetProcessHeap
CreateMutexA
GetCurrentProcessId
TlsFree
LeaveCriticalSection
WideCharToMultiByte
ExitProcess
RaiseException
GetCurrentThreadId
IsDebuggerPresent
GetTickCount
GetCommandLineW
DeleteCriticalSection
HeapValidate
GetACP
IsValidLocale
TlsAlloc
WriteFile
GetLocaleInfoW
GetProcAddress
WriteConsoleA
GetStartupInfoA
GetCPInfo
UnhandledExceptionFilter
GetCommandLineA
GetOEMCP
GetConsoleOutputCP
HeapReAlloc
FlushFileBuffers
lstrlenA
GetCurrentThread
IsValidCodePage
ReadFile
GetLocaleInfoA
RtlUnwind
TerminateProcess
GetTimeZoneInformation
GetConsoleMode
SetLastError
SetHandleCount
GetStringTypeW
GetVersionExA
GetEnvironmentStringsW
InterlockedExchange
EnumSystemLocalesA
GetTimeFormatA
LCMapStringW
SetEnvironmentVariableA
LoadLibraryA
LCMapStringA
LoadLibraryW

wininet

InternetReadFileExW
UpdateUrlCacheContentPath
InternetCrackUrlW
GopherFindFirstFileW
FindFirstUrlCacheContainerW
InternetTimeFromSystemTimeA
ReadUrlCacheEntryStream
InternetCrackUrlA

Sections

.text
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd9b92724fa577240402221707746df3

Headers

File Characteristics

Imports

user32

advapi32

comctl32

gdi32

kernel32

wininet

Sections

.text Size: 282KB - Virtual size: 281KB

.rdata Size: 47KB - Virtual size: 71KB

.data Size: 357KB - Virtual size: 357KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 282KB - Virtual size: 281KB

.rdata
Size: 47KB - Virtual size: 71KB

.data
Size: 357KB - Virtual size: 357KB

.rsrc
Size: 15KB - Virtual size: 14KB