a20d04e957c67ea5394763d6523b2109

Sharing

Copy URL Twitter E-mail

General

Target

a20d04e957c67ea5394763d6523b2109
Size

248KB
MD5

a20d04e957c67ea5394763d6523b2109
SHA1

dc819e1a58f66a64abd7386eb46dbcd40fcb703e
SHA256

cffd331abaff35a60b2c7a9f9ab9fe50270b842ffde1b4a3427b5a88ddc8a68c
SHA512

2b20dd180214537228fbc63172a5f0e16f025d71675e262c162e3b21f1f057ed33d1ae4631ae6e0d21a8556fe9c1a28b884225eeae6ebc7f105f3f780e32eb2d
SSDEEP

3072:Zakap/94fI4t/bGfxi5sRRDCuL0x3T/to24TeO5TScOVnxohScMh9ByHsESE3lQy:Dk9QSTRmFoyOBO7vcw7ytzpz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a20d04e957c67ea5394763d6523b2109

Files

a20d04e957c67ea5394763d6523b2109
.dll windows:4 windows x86 arch:x86

a54e5786e04712167643d2fb6b7ae669

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysFreeString
SysStringLen
SafeArrayUnaccessData
VariantCopyInd
SafeArrayCreate
SysAllocStringLen
RegisterTypeLib

version

GetFileVersionInfoSizeA
VerQueryValueA

ole32

CoUninitialize
CoRevokeClassObject
CoUnmarshalInterface

kernel32

LoadLibraryA
lstrlenW
LoadLibraryExA
GetCommandLineA
IsBadReadPtr
lstrlenA
GetCommandLineW
ExitProcess
VirtualAlloc
GetLastError
ExitThread
GetModuleHandleA
GetACP
GetProcAddress
GlobalAlloc
GetVersionExA

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_Remove
ImageList_Read
ImageList_Write
ImageList_Destroy

shell32

Shell_NotifyIconA

Sections

CODE
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 731B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res3
Size: 1024B - Virtual size: 559B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res6
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res2
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res8
Size: 512B - Virtual size: 489B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res5
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a54e5786e04712167643d2fb6b7ae669

Headers

File Characteristics

Imports

oleaut32

version

ole32

kernel32

comctl32

shell32

Sections

CODE Size: 224KB - Virtual size: 223KB

.data Size: 1024B - Virtual size: 731B

.res3 Size: 1024B - Virtual size: 559B

.res6 Size: 512B - Virtual size: 80KB

.res2 Size: 15KB - Virtual size: 14KB

.res8 Size: 512B - Virtual size: 489B

.res5 Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 2KB - Virtual size: 1KB

CODE
Size: 224KB - Virtual size: 223KB

.data
Size: 1024B - Virtual size: 731B

.res3
Size: 1024B - Virtual size: 559B

.res6
Size: 512B - Virtual size: 80KB

.res2
Size: 15KB - Virtual size: 14KB

.res8
Size: 512B - Virtual size: 489B

.res5
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 2KB - Virtual size: 1KB