a2c1ab52031d0d66de57a4a6ddffc10a

Sharing

Copy URL Twitter E-mail

General

Target

a2c1ab52031d0d66de57a4a6ddffc10a
Size

248KB
MD5

a2c1ab52031d0d66de57a4a6ddffc10a
SHA1

e8d770e7e29b4b00fd61c6e603f43c26ca6ffbaa
SHA256

df1676c64fe864b0dea216b38d82761406996cb8780a4bc9273f50c637366069
SHA512

dde09d7c9b192bd51db449f63097c891de641a4a8765733bb2221c4e33f132d45ce466e8285f22e96234e7f8a75f93e40e9e65028748038487259c6f1b5d09f8
SSDEEP

3072:owbhDkxaB80tiuJ+tEWdoLjF6pcUDHlojVwUgw2nhQKVOzxFoGo82p/ADBCrN/+f:ogh0C80YeEE03UkTQxFoGQLrzxoekb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2c1ab52031d0d66de57a4a6ddffc10a

Files

a2c1ab52031d0d66de57a4a6ddffc10a
.dll windows:4 windows x86 arch:x86

c492d6d0c2643caa5457ac2489ddc92c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ord17

kernel32

FreeLibrary
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
GlobalFindAtomA
GlobalGetAtomNameA
GetCommandLineA
HeapAlloc
HeapFree
HeapSize
GetTimeZoneInformation
GetACP
HeapReAlloc
ExitProcess
TerminateProcess
FileTimeToLocalFileTime
GlobalDeleteAtom
GlobalAddAtomA
RtlUnwind
RaiseException
GetModuleHandleA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcatA
FileTimeToSystemTime
GetVersion
LocalReAlloc
SetErrorMode
TlsGetValue
GlobalAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
GlobalReAlloc
GlobalLock
GlobalUnlock
TlsFree
GlobalHandle
TlsAlloc
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
GetCurrentThreadId
lstrcmpA
SetUnhandledExceptionFilter
SetHandleCount
lstrcpynA
InterlockedIncrement
GetStdHandle
GetFileTime
InterlockedDecrement
GetCurrentProcess
GetFileSize
GetFileAttributesA
LocalFree
GetModuleFileNameA
lstrcmpiA
FindFirstFileA
GetFullPathNameA
GetVolumeInformationA
LoadLibraryA
FindClose
lstrcpyA
GetProcAddress
LockFile
SetEndOfFile
UnlockFile
SetFilePointer
CloseHandle
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
GetFileType
GetStartupInfoA
DuplicateHandle
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
SetLastError
GetLastError

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetWindowPlacement
GetWindowRect
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
GetSystemMetrics
CharUpperA
GetTopWindow
GetSubMenu
GetMenuItemID
SystemParametersInfoA
GetMenuCheckMarkDimensions
LoadBitmapA
IsIconic

gdi32

GetClipBox
CreateBitmap
SetBkColor
GetObjectA
SetTextColor
DeleteObject
DeleteDC
GetDeviceCaps
SaveDC
RestoreDC
GetStockObject
SelectObject
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
ScaleWindowExtEx
RectVisible
TextOutA
PtVisible
Escape
ExtTextOutA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

Exports

Exports

_MPEGStillsEncode@20

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c492d6d0c2643caa5457ac2489ddc92c

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

winspool.drv

comdlg32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 68KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 10KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 68KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 10KB

.text
Size: 112KB - Virtual size: 112KB