a2bbd1b4e42e9b618ea3066235f970b1

Sharing

Copy URL Twitter E-mail

General

Target

a2bbd1b4e42e9b618ea3066235f970b1
Size

557KB
MD5

a2bbd1b4e42e9b618ea3066235f970b1
SHA1

6dddd8e1ac0c7a8a99f9bcdde093934f8d4a209d
SHA256

72e4129cf945379387fadb9b27369fdc537cc97a45aff29adbf562c91f7b4d79
SHA512

2ed1648cbac6d4c166ea436bd8a8dee1039ed9524abe8e6f2fa570a995eeae07c42357799dddeb3e6e1b890d07f4b74425554a91b46509e5225dbb2634f974b1
SSDEEP

12288:hFl4EvuqM+mUwGmJM0/Wi2xi+QyJz/S1Dc7CKhjjBL7lpT+1p:SixkH9eI+xN/TCSM1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2bbd1b4e42e9b618ea3066235f970b1

Files

a2bbd1b4e42e9b618ea3066235f970b1
.exe windows:4 windows x86 arch:x86

36a0e55ab717372edfbbce630e22a946

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SystemParametersInfoA
GetMenuItemRect
SetScrollPos
BeginDeferWindowPos
GetKeyboardLayout
SendNotifyMessageA
DefFrameProcW
EnumPropsW
AppendMenuW
VkKeyScanExA
WaitMessage
DlgDirListComboBoxA
GetClipboardSequenceNumber
SetDlgItemInt
DefWindowProcA
PeekMessageA
LoadBitmapA
GetClientRect
DestroyWindow
UnpackDDElParam
OemToCharBuffA
IsDialogMessage
EnumDesktopsA
DdeCreateStringHandleW
DefMDIChildProcW
GetScrollBarInfo
RemovePropW
SendInput
DdeGetLastError
DdeConnect
BroadcastSystemMessageW
RegisterClassExA
SendMessageTimeoutW
MessageBoxIndirectW
EndTask
CreateWindowExW
RegisterClassA
GetWindowWord
TranslateAcceleratorW
SetClassLongW
BlockInput
DdeQueryStringA
ShowWindow
EnumDesktopsW
TabbedTextOutW
GetOpenClipboardWindow
GetMenuContextHelpId
TrackPopupMenuEx
CreateCaret
LoadCursorA
CharPrevW
MessageBoxA
DestroyIcon
GetKeyNameTextA
SetKeyboardState
TranslateAcceleratorA
GetUpdateRect
MenuItemFromPoint

wininet

InternetGoOnline
FreeUrlCacheSpaceA
InternetTimeToSystemTimeW
FtpCommandW
FreeUrlCacheSpaceW
FtpGetFileA
CreateUrlCacheEntryA

comdlg32

FindTextW
PageSetupDlgA
ReplaceTextA

shell32

SHGetInstanceExplorer
ExtractAssociatedIconExW

gdi32

CancelDC
LineDDA
SetBrushOrgEx

comctl32

ImageList_Destroy
ImageList_Create
ImageList_SetDragCursorImage
ImageList_DragLeave
ImageList_GetBkColor
ImageList_Remove
ImageList_Write
MakeDragList
InitCommonControlsEx
ImageList_DrawIndirect
ImageList_AddMasked

kernel32

GetCurrentProcess
lstrcmpiA
FlushFileBuffers
GetConsoleMode
TransmitCommChar
lstrcpyW
ResumeThread
SetLastError
FormatMessageW
ExitProcess
GetDateFormatW
CreateFileMappingW
OutputDebugStringA
InterlockedDecrement
CreateMutexA
TlsFree
GetOEMCP
GetACP
LCMapStringA
InterlockedExchange
GetSystemInfo
DeleteCriticalSection
RtlUnwind
WriteConsoleW
LoadResource
TlsAlloc
GetCPInfo
GetCurrentProcessId
FindFirstFileExA
GetCurrencyFormatW
GetTimeFormatA
CreateSemaphoreW
UnhandledExceptionFilter
FindNextChangeNotification
GetEnvironmentStringsW
ExpandEnvironmentStringsA
VirtualAlloc
IsDebuggerPresent
WriteFile
DosDateTimeToFileTime
TlsGetValue
ConnectNamedPipe
GetModuleHandleW
GetCurrentDirectoryW
SetThreadLocale
VirtualAllocEx
SetHandleCount
IsValidCodePage
SetCurrentDirectoryW
QueryPerformanceCounter
Sleep
FillConsoleOutputCharacterA
FreeEnvironmentStringsW
CreateFileA
HeapSize
SetFileAttributesW
GetProfileIntA
GetProcAddress
FillConsoleOutputAttribute
GetSystemTimeAsFileTime
GetComputerNameW
EnumSystemLocalesA
LoadModule
GetCurrentThread
GetTimeZoneInformation
GlobalAlloc
GetPrivateProfileIntW
GetStdHandle
lstrcatW
GetAtomNameW
GetCurrentThreadId
SetEnvironmentVariableA
IsValidLocale
CompareStringW
GetConsoleOutputCP
LCMapStringW
GetEnvironmentStrings
GetModuleFileNameA
LeaveCriticalSection
GetSystemDefaultLCID
GetLocaleInfoA
LocalReAlloc
WritePrivateProfileStructW
SetFilePointer
GetProcessAffinityMask
GetCalendarInfoW
WritePrivateProfileStringA
CreateNamedPipeW
GetDateFormatA
GlobalFlags
VirtualQuery
GetLocaleInfoW
LocalCompact
EnterCriticalSection
WriteConsoleA
GetShortPathNameA
ReadFile
lstrlenA
FoldStringA
GetStartupInfoA
CreateFileMappingA
InitializeCriticalSectionAndSpinCount
SetThreadPriority
GetThreadPriority
SetSystemTime
EnumDateFormatsA
GetStringTypeA
GetNamedPipeHandleStateW
HeapCreate
OpenMutexA
MultiByteToWideChar
GetUserDefaultLCID
DebugActiveProcess
CompareStringA
EnumTimeFormatsA
LoadLibraryA
HeapAlloc
HeapReAlloc
InterlockedIncrement
FreeLibrary
SetStdHandle
CreateEventW
HeapDestroy
GetCommandLineA
ReadConsoleOutputAttribute
GlobalSize
SetThreadContext
CreateThread
TlsSetValue
SetEnvironmentVariableW
GetEnvironmentVariableA
GetTickCount
GetFileType
SetUnhandledExceptionFilter
TerminateProcess
FreeEnvironmentStringsA
FillConsoleOutputCharacterW
GetModuleHandleA
WriteConsoleOutputCharacterA
SetConsoleCtrlHandler
DeleteFiber
GetStringTypeW
WritePrivateProfileSectionA
ReadConsoleOutputW
WideCharToMultiByte
CloseHandle
VirtualFree
GetLastError
UnlockFileEx
GetConsoleCP
HeapFree
GetLocalTime
GetTimeFormatW

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36a0e55ab717372edfbbce630e22a946

Headers

File Characteristics

Imports

user32

wininet

comdlg32

shell32

gdi32

comctl32

kernel32

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 259KB - Virtual size: 258KB

.data Size: 115KB - Virtual size: 128KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 259KB - Virtual size: 258KB

.data
Size: 115KB - Virtual size: 128KB

.rsrc
Size: 9KB - Virtual size: 8KB