a22dd64a3c4ad2f19b4c45d6bd9d80b0

Sharing

Copy URL Twitter E-mail

General

Target

a22dd64a3c4ad2f19b4c45d6bd9d80b0
Size

478KB
MD5

a22dd64a3c4ad2f19b4c45d6bd9d80b0
SHA1

7b5acb8f6ab9306a18bfe5384728707178a788db
SHA256

3a4ca09049be7f862238c8d508001373062baedee6e8ac497e7d378fb08a26a0
SHA512

9fae5cbd7b54af0a1c6b6a29a56736693d9b9dd89bb6809e2f3cbee9c7c333e96fbed3d24469550e863ab4f5b2cf32453fc037935199b526673255fca2926dc8
SSDEEP

12288:+MQwAgwEVq6iGhtUShsa8C5IjJVGxiVz:TQwAgwEjhtLhJhYXl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a22dd64a3c4ad2f19b4c45d6bd9d80b0

Files

a22dd64a3c4ad2f19b4c45d6bd9d80b0
.exe windows:4 windows x86 arch:x86

d7a01623e721cc84b82d20d053828b26

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\euxe\ivu\lzs\oaeo\oerso.pdb

Imports

comctl32

InitCommonControlsEx

kernel32

GetCommandLineA
GetProcAddress
EnumResourceNamesA
InterlockedIncrement
HeapAlloc
GetCurrentThread
LCMapStringW
QueryPerformanceCounter
GetEnvironmentStringsW
CompareStringW
UnmapViewOfFile
TlsAlloc
GetModuleHandleA
GetStdHandle
FreeEnvironmentStringsA
WriteConsoleW
WriteFile
GetCPInfo
TlsFree
SetHandleCount
GetCalendarInfoW
FreeEnvironmentStringsW
GetLocalTime
OpenMutexA
OpenWaitableTimerW
GetLogicalDriveStringsA
LoadLibraryA
GetStartupInfoA
ReadFile
MultiByteToWideChar
GetOEMCP
GetCurrentThreadId
GetModuleFileNameA
VirtualQuery
LeaveCriticalSection
GetEnvironmentStrings
VirtualFree
RtlUnwind
GetVersion
WideCharToMultiByte
IsBadWritePtr
GetCurrentProcessId
InterlockedExchange
GetSystemTimeAsFileTime
InterlockedDecrement
GetSystemTime
SetEnvironmentVariableA
ExitProcess
CompareStringA
GetTimeZoneInformation
HeapFree
SetFilePointer
TlsGetValue
LCMapStringA
TerminateProcess
GetACP
FlushFileBuffers
SetStdHandle
UnhandledExceptionFilter
InitializeCriticalSection
DeleteCriticalSection
HeapReAlloc
CreateMutexA
GetCurrentProcess
EnterCriticalSection
VirtualAlloc
HeapCreate
SetLastError
GetFileType
GetStringTypeA
CloseHandle
GetLastError
TlsSetValue
HeapDestroy
GetTickCount
GetStringTypeW
FindNextChangeNotification

user32

InvalidateRgn
RegisterClassExA
RegisterClassA
ChangeDisplaySettingsExW

Sections

.text
Size: 319KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7a01623e721cc84b82d20d053828b26

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 319KB - Virtual size: 319KB

.rdata Size: 41KB - Virtual size: 48KB

.data Size: 102KB - Virtual size: 102KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 319KB - Virtual size: 319KB

.rdata
Size: 41KB - Virtual size: 48KB

.data
Size: 102KB - Virtual size: 102KB

.rsrc
Size: 13KB - Virtual size: 13KB