Static task: static1
Behavioral task: behavioral1
  Sample: a2872c88cdbaad0cd938ff05319889e4.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: a2872c88cdbaad0cd938ff05319889e4.exe
  Resource: win10v2004-20240221-en
General
Target: a2872c88cdbaad0cd938ff05319889e4
Size: 35KB
MD5: a2872c88cdbaad0cd938ff05319889e4
SHA1: fe0c24df24da5a7c5b69134314a8606252fb9023
SHA256: c12ef08dd32ddf5821b3758e52d541a55781f8a87790e853118c9402d2f1d360
SHA512: a0eca44f07e273d7727862e467f24bfecfbdf1f728adaeb18f63a737118b8b37158ef2ca40545c9a75be55dc20b62b98f0e073f345251daeb7b1c2795d5f35c7
SSDEEP: 768:eLU+Hj3iwgHWkkF/E0RvqeG8/6nn/YU26U3qN:ePDSw1F/dRv4ne9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a2872c88cdbaad0cd938ff05319889e4
Files
a2872c88cdbaad0cd938ff05319889e4.exe windows:4 windows x86 arch:x86
07adb65d29091e01a51b9e7c8e1a762d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SetFontEnumeration
CreateEllipticRgn
SetLayout
StartPage
GetMiterLimit
GetLogColorSpaceW
SetLayout
DeviceCapabilitiesExW
GetCurrentPositionEx
FrameRgn
DeleteColorSpace
ExcludeClipRect
GetTextCharset
Polygon
SetBitmapBits
GetObjectType
GetTextMetricsA
GetROP2
DeleteMetaFile
RectVisible
ChoosePixelFormat
GetObjectA
SetMetaRgn
CancelDC
kernel32
ScrollConsoleScreenBufferW
SetErrorMode
Heap32Next
ExitProcess
GetStartupInfoW
GetLocaleInfoW
lstrlenA
GetStartupInfoA
DebugBreak
GetModuleHandleW
GetLocalTime
EnumSystemCodePagesA
GetProcessHeap
FatalAppExitA
LocalFileTimeToFileTime
CreateDirectoryExA
lstrcmpiW
FillConsoleOutputCharacterA
EnumSystemLocalesA
GetModuleHandleA
lstrcmpW
GetDefaultCommConfigA
GetLogicalDriveStringsA
Sleep
GetEnvironmentStrings
GetLastError
lstrcmpA
GetStdHandle
lstrcmpiA
EnumTimeFormatsA
VirtualFree
FreeEnvironmentStringsA
GetCommandLineW
_llseek
GetConsoleTitleW
GetModuleFileNameA
VirtualAllocEx
user32
CreateWindowExA
GetWindowLongA
MapVirtualKeyExW
MessageBeep
IMPQueryIMEW
BringWindowToTop
GetKeyboardLayoutNameW
LoadKeyboardLayoutA
IsClipboardFormatAvailable
GetMenuItemInfoA
DdeDisconnectList
MsgWaitForMultipleObjects
DdeKeepStringHandle
GetWindowLongW
CreateMDIWindowW
GetPropW
SystemParametersInfoA
CheckMenuRadioItem
SetRectEmpty
LoadMenuIndirectA
CloseWindowStation
IsZoomed
EnumThreadWindows
SetInternalWindowPos
DdeUnaccessData
WINNLSGetIMEHotkey
ToAscii
SendMessageW
DrawTextExW
advapi32
DuplicateTokenEx
CryptSetProviderW
RegRestoreKeyW
RegLoadKeyA
GetSecurityDescriptorGroup
GetOverlappedAccessResults
GetUserNameA
CryptAcquireContextA
GetTrusteeNameA
RegOpenKeyA
DuplicateToken
SetEntriesInAccessListW
BuildExplicitAccessWithNameA
RegConnectRegistryW
SetFileSecurityW
GetSecurityDescriptorControl
CryptAcquireContextW
RegDeleteKeyA
GetUserNameW
RegOpenKeyW
ObjectPrivilegeAuditAlarmA
RegEnumValueW
CryptGetHashParam
CryptImportKey
ole32
UpdateDCOMSettings
StgGetIFillLockBytesOnILockBytes
OleCreateFromFile
HPALETTE_UserUnmarshal
HENHMETAFILE_UserFree
StgCreateDocfile
OleGetIconOfClass
msvcrt
iswupper
_adj_fprem1
_j1
_mbslen
_access
_CIsin
_wcreat
vfprintf
__p__pgmptr
_mbsnbset
__p__winmajor
_heapset
_mbctokata
_heapchk
_wcsnset
wcspbrk
_spawnle
_wenviron
_strerror
malloc
__p__acmdln
vsprintf
_wgetcwd
__winitenv
Sections
.text Size: 22KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.cshr Size: 5KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.med Size: 3KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.jfjl Size: 3KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ