a22c88b06152d3de143594ceff8288ba

Sharing

Copy URL Twitter E-mail

General

Target

a22c88b06152d3de143594ceff8288ba
Size

505KB
MD5

a22c88b06152d3de143594ceff8288ba
SHA1

a4be1bc55910bd72f16c38587dda6f630566bbde
SHA256

d0fcdabb57464c237c108dc1d518f702c09b77804852c40487f52a7d6c411ae0
SHA512

8dcaacc2e6b0d6d1a23abe0208e7fe900ae77a98e3df5321858a8c505503fca240c6de8bf7f904f71e1c1e90883c8f7cd05e035f580d45a905e6b9714b32a3ca
SSDEEP

12288:n1h9tUVMExudHfCkkNn0/xSDHoUemT8C6:79f7g+8zo4X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a22c88b06152d3de143594ceff8288ba

Files

a22c88b06152d3de143594ceff8288ba
.exe windows:4 windows x86 arch:x86

7d9744799d3db9f6cbb1ec2fca739fc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDiskFreeSpaceA
SHLoadInProc
SHUpdateRecycleBinIcon
DragAcceptFiles
ExtractAssociatedIconExW
SHGetDataFromIDListA
SHGetFileInfoA
SHAppBarMessage
SHChangeNotify
SHFileOperationW
SHGetDesktopFolder
ShellExecuteA
FindExecutableW
SheChangeDirExW

wininet

SetUrlCacheEntryGroupW
SetUrlCacheConfigInfoW
CommitUrlCacheEntryA
UpdateUrlCacheContentPath
ShowClientAuthCerts

advapi32

DuplicateTokenEx

comdlg32

GetSaveFileNameW
GetSaveFileNameA
PrintDlgA
GetOpenFileNameW
PageSetupDlgA
GetFileTitleA
GetOpenFileNameA
FindTextA
ChooseColorA
ReplaceTextA
GetFileTitleW

kernel32

IsDebuggerPresent
FreeEnvironmentStringsW
InterlockedIncrement
GetVersionExA
LCMapStringW
GetProcessHeap
CompareStringW
InterlockedExchange
TlsSetValue
HeapReAlloc
SetLastError
GetCurrentThreadId
VirtualFree
TlsFree
VirtualQuery
GetLocaleInfoW
VirtualAlloc
UnhandledExceptionFilter
EnumSystemLocalesA
InterlockedDecrement
Sleep
ExitProcess
GetCurrentProcess
SetHandleCount
IsValidLocale
HeapAlloc
IsValidCodePage
GetEnvironmentStrings
CompareStringA
GetOEMCP
GetStdHandle
GetCommandLineW
HeapCreate
InitializeCriticalSection
GetModuleFileNameA
GetPrivateProfileStructW
WriteFile
GetModuleFileNameW
MultiByteToWideChar
GetCurrentThread
GetACP
GetCommandLineA
LoadLibraryA
GetEnvironmentStringsW
GetUserDefaultLCID
QueryPerformanceCounter
GetModuleHandleA
GetLastError
FreeLibrary
SetEnvironmentVariableA
GetProcAddress
DeleteCriticalSection
WideCharToMultiByte
HeapSize
GetLocaleInfoA
TerminateProcess
GetDateFormatA
GetStartupInfoW
HeapDestroy
LCMapStringA
HeapFree
GetStringTypeA
GetCPInfo
SetConsoleCtrlHandler
GetTickCount
GetStartupInfoA
SetLocalTime
RtlUnwind
LeaveCriticalSection
GetStringTypeW
TlsGetValue
FillConsoleOutputCharacterW
GetFileType
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
CreateWaitableTimerA
GetTimeZoneInformation
GetCurrentProcessId
TlsAlloc
GetSystemTimeAsFileTime
EnterCriticalSection
GetTimeFormatA

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d9744799d3db9f6cbb1ec2fca739fc8

Headers

File Characteristics

Imports

shell32

wininet

advapi32

comdlg32

kernel32

Sections

.text Size: 183KB - Virtual size: 183KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 183KB - Virtual size: 183KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 7KB - Virtual size: 7KB