a2c414654be5c96b63a8e34e9111e31e

Sharing

Copy URL Twitter E-mail

General

Target

a2c414654be5c96b63a8e34e9111e31e
Size

191KB
MD5

a2c414654be5c96b63a8e34e9111e31e
SHA1

6c83890b2fb3a1881b89e39b857fb0c01e11b102
SHA256

827c526e0cb18f45a1346b4e3daf996e36e3279c549a15589de16789a98067db
SHA512

a5a83e33a905b003d2b67ebcd09e8ff7310c0e45e5c7d8151eaf8d00fe62cb19429bbcaa9514faa1dfe2b4d35373d6f3c87b86ba91db8ae9ccdb2c249402c2ac
SSDEEP

3072:5HBeJqwk5imnxbCbJJawD7qpFQsuF8MSyoOpoueK72CTxS3nx60Z+AMuYuWBh:5HuZk5iqVewwSpFQsWS/OpoueKxTUhT4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2c414654be5c96b63a8e34e9111e31e

Files

a2c414654be5c96b63a8e34e9111e31e
.exe windows:4 windows x86 arch:x86

6fdb9456407d512b9d5db8615b52515a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
strstr
strrchr
strtok
__CxxFrameHandler
??3@YAXPAX@Z
exit
time
srand
rand
??2@YAPAXI@Z
_except_handler3

dbghelp

MakeSureDirectoryPathExists

kernel32

SetProcessWorkingSetSize
GetCommandLineA
SetUnhandledExceptionFilter
GetShortPathNameA
GetModuleHandleA
GetStartupInfoA
FreeLibrary
GetProcAddress
LoadLibraryA
HeapAlloc
GetProcessHeap
Process32Next
lstrlenA
WriteFile
CreateFileA
CloseHandle
GetCurrentProcess
GlobalFree
GlobalAlloc
SetFileTime
LocalFileTimeToFileTime
lstrcpyA
GetLastError
lstrcatA
Sleep
WritePrivateProfileStringA
GetCurrentProcessId
DeleteFileA
GetVersionExA
ExitProcess
CopyFileA
MultiByteToWideChar
OpenProcess

user32

IsCharAlphaNumericA
wsprintfA

advapi32

OpenSCManagerA
RegOpenKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegCloseKey
FreeSid
ControlService
OpenServiceA
ChangeServiceConfigA
RegCreateKeyA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

psapi

GetModuleFileNameExA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fdb9456407d512b9d5db8615b52515a

Headers

File Characteristics

Imports

msvcrt

dbghelp

kernel32

user32

advapi32

shell32

ole32

psapi

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 20KB

.rsrc Size: 145KB - Virtual size: 144KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 145KB - Virtual size: 144KB