a2a0342b8536552feb1121986dcf870f

General

Target

a2a0342b8536552feb1121986dcf870f
Size

178KB
MD5

a2a0342b8536552feb1121986dcf870f
SHA1

25b3af679cf343ab5a8086600d78b09b90013cb6
SHA256

e524373f09a330a0e9a56e38625bf51075c17fa6f397dbe43878ba88778eab44
SHA512

869b5225e775761efa675b65ebe5aaa5412b5c2d13e907b3a0eb3516da549764d040ae12bdaa6fe61eea7464d994559eb9de47fe1041dbea97163217961178dc
SSDEEP

3072:tE/olWhBJFXFFag42auhQTt/srmzj1YbTny6nPRtaYZzi:C/oU1FVQp21hQTt/NCbTny6ptbZzi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2a0342b8536552feb1121986dcf870f

Files

a2a0342b8536552feb1121986dcf870f
.exe windows:4 windows x86 arch:x86

f226358703517ddab4756828f56bf0ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

ole32

CoCreateInstance
StringFromGUID2
CoUninitialize
CoCreateGuid
CoInitialize
CoSetProxyBlanket

rpcrt4

UuidCreate

kernel32

Sleep
GetThreadPriority
GetFullPathNameW
MultiByteToWideChar
IsValidCodePage
DeleteCriticalSection
CreateFileA
HeapReAlloc
GetModuleHandleA
InterlockedIncrement
TerminateProcess
InterlockedDecrement
GetConsoleOutputCP
HeapSize
GlobalAlloc
RaiseException
GetProcAddress
EnumSystemLocalesA
WideCharToMultiByte
SetCommConfig
EnterCriticalSection
InitializeCriticalSection
EnumResourceNamesA
WriteConsoleW
GetUserDefaultLCID
SetUnhandledExceptionFilter
IsValidLocale
GetCurrentProcess
SetStdHandle
GetCommandLineA
GetModuleFileNameW
GetProcessHeap
ExitProcess
IsDebuggerPresent
SetEndOfFile
UnhandledExceptionFilter
GetCPInfo
GetLocaleInfoW
ReadFile
WriteFile
RtlUnwind
HeapFree
WriteConsoleA
CloseHandle
HeapAlloc
GetCurrentDirectoryW
LeaveCriticalSection
LCMapStringW
ExitProcess
GetVersionExA
GetLastError
LCMapStringA
GetCurrentThreadId
GetFullPathNameA

user32

GetClassLongA
MessageBoxW

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f226358703517ddab4756828f56bf0ed

Headers

File Characteristics

Imports

shell32

advapi32

ole32

rpcrt4

kernel32

user32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 27KB - Virtual size: 26KB

.crt Size: 512B - Virtual size: 348KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 27KB - Virtual size: 26KB

.crt
Size: 512B - Virtual size: 348KB