a2bac317859ca53f443b1adaa01df69a

Sharing

Copy URL Twitter E-mail

General

Target

a2bac317859ca53f443b1adaa01df69a
Size

502KB
MD5

a2bac317859ca53f443b1adaa01df69a
SHA1

66f69be1cb829924459b38417afc9dbbd55066df
SHA256

2e3fe68e47fca7b27550da5fa1ba9a9e85021cb75d92abd9b0731a146b0fd9ee
SHA512

9e205155cb5a8bf76a73afb0a500280af9849a2212b856a78843f2339a3d6f3055349e7e68b0c4196cc51ab0eafcbad27f68ed7a35d0f76bc5ff3e74c5b7602f
SSDEEP

12288:nDJL/LwruXzL9sXCq7h2agaO48iBncg6wDDzmDCHOx/:DJXwruXVWrhf44vBnft+J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2bac317859ca53f443b1adaa01df69a

Files

a2bac317859ca53f443b1adaa01df69a
.exe windows:4 windows x86 arch:x86

9580870cef62654bd4e5d3db05ea93fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

IncrementUrlCacheHeaderData
CommitUrlCacheEntryA
FtpPutFileA
InternetCreateUrlA
HttpAddRequestHeadersW
DeleteUrlCacheEntry
InternetQueryDataAvailable
CreateUrlCacheEntryW

user32

GetClassLongW
SetSysColors
GetScrollPos
GetShellWindow
CharLowerW
UpdateWindow
FindWindowExW
GetKeyboardLayoutList
GetIconInfo
SystemParametersInfoA
RegisterClassExA
RegisterClassA
CreateCaret
EditWndProc
LoadKeyboardLayoutW
SetDlgItemInt
DdePostAdvise
MonitorFromWindow

comctl32

InitCommonControlsEx

comdlg32

GetFileTitleW
GetFileTitleA
LoadAlterBitmap
PageSetupDlgW

advapi32

CryptSignHashW
RegConnectRegistryA
RegQueryValueA

gdi32

CreateScalableFontResourceW
GetTextExtentPointA
CreateICW
GetTextExtentPoint32A
DeleteDC
GetDeviceCaps
DeleteObject
CreateColorSpaceA
GetTextColor
CreateDCW
EnumEnhMetaFile
GetTextExtentPoint32W

kernel32

DuplicateHandle
MultiByteToWideChar
HeapSize
EnumSystemCodePagesW
HeapDestroy
CompareStringW
GetLocaleInfoW
GetProcessHeap
GetModuleHandleA
InterlockedIncrement
SetFilePointer
GetConsoleOutputCP
EnumSystemLocalesA
GetCPInfo
GetStdHandle
GetLastError
FreeEnvironmentStringsA
FlushFileBuffers
GetSystemTimeAsFileTime
GetTimeZoneInformation
FreeEnvironmentStringsW
GetPrivateProfileStructW
HeapFree
TlsAlloc
WriteFile
WriteConsoleW
GetProcAddress
CreateMailslotW
GetEnvironmentStringsW
TerminateProcess
EnumCalendarInfoExW
InterlockedDecrement
GetProfileSectionA
GetComputerNameW
HeapCreate
SetConsoleCtrlHandler
EnterCriticalSection
GetConsoleCP
GetStartupInfoW
GetOEMCP
LCMapStringA
InterlockedExchange
SetHandleCount
GetCurrentProcess
CompareStringA
FreeLibrary
GetSystemDirectoryW
InitializeCriticalSection
GetDateFormatA
GetVersionExA
SetUnhandledExceptionFilter
ReadConsoleOutputAttribute
LCMapStringW
CloseHandle
QueryPerformanceCounter
GetConsoleMode
VirtualAlloc
WritePrivateProfileStructA
TlsGetValue
SetEnvironmentVariableA
GetModuleFileNameA
OpenMutexA
HeapAlloc
SetLocaleInfoW
IsValidLocale
LeaveCriticalSection
RtlUnwind
GetStartupInfoA
LocalHandle
GetLocaleInfoA
GetEnvironmentStrings
GetCommandLineA
ReadFile
UnhandledExceptionFilter
VirtualQuery
GetStringTypeW
IsDebuggerPresent
CreateMutexA
GetUserDefaultLCID
WideCharToMultiByte
CreateFileA
ReleaseSemaphore
WriteConsoleA
WaitForMultipleObjects
GetSystemDefaultLangID
GetCurrentProcessId
IsValidCodePage
LoadLibraryA
HeapReAlloc
SetLastError
SetStdHandle
MoveFileA
GetACP
Sleep
LocalFree
GetCurrentThreadId
GetCurrentThread
TlsFree
GetStringTypeA
GetTickCount
ExitProcess
TlsSetValue
GetTimeFormatA
GetFileType
VirtualFree
LoadModule
ConvertDefaultLocale
DeleteCriticalSection

Sections

.text
Size: 345KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9580870cef62654bd4e5d3db05ea93fd

Headers

File Characteristics

Imports

wininet

user32

comctl32

comdlg32

advapi32

gdi32

kernel32

Sections

.text Size: 345KB - Virtual size: 344KB

.rdata Size: 34KB - Virtual size: 57KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 345KB - Virtual size: 344KB

.rdata
Size: 34KB - Virtual size: 57KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 17KB - Virtual size: 17KB