a2f96588515803b3a82fb6fcdef9d430

General

Target

a2f96588515803b3a82fb6fcdef9d430
Size

402KB
MD5

a2f96588515803b3a82fb6fcdef9d430
SHA1

eb91485fd5391d7f8763decffa464b7cbba7bff1
SHA256

50dc57ac0820f7fc59ddb8a2cc83e4d300b1317abf451d6ccea6a182f5eb7e1c
SHA512

b7893dc47a65bc3303eed100d52a633dedf8498b8d8378dbcae87c13ac823dcd847ad8fd02503109977cbf48d187a37d6bb7553e080a5f5fd6431dd6ad4ec4ac
SSDEEP

6144:bRh8v6iKKVeUZ/lo51cUyDEQx0Oc2Yyfgp2w0KlFNCB66EZ2+uAZKtTzXJpDo33:9ORRlKCc2Yqgp2unNCPEzu2KtXPDo33

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2f96588515803b3a82fb6fcdef9d430

Files

a2f96588515803b3a82fb6fcdef9d430
.dll windows:4 windows x86 arch:x86

fcf551874e7059c9b1756ed0b5fb954a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SystemParametersInfoA
GetWindowDC
GetInputState
GetDesktopWindow
GetDC
FillRect
DdeSetUserHandle

advapi32

AdjustTokenGroups
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueW
RegEnumValueA
RegCloseKey

gdi32

GetGlyphOutlineA
GetTextMetricsA
ScaleViewportExtEx
SelectObject
SetMapMode
SetTextColor
GetDeviceGammaRamp
GetDIBits
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
EnumFontFamiliesExA
EnumFontFamiliesExW
ExtTextOutW

kernel32

GetTickCount
GetVersion
GetVersionExA
LoadLibraryA
QueryPerformanceCounter
VirtualAlloc
GetSystemTimeAsFileTime
ContinueDebugEvent
DisableThreadLibraryCalls
ExitProcess
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetProcessPriorityBoost
GetSystemDirectoryA

Exports

Exports

CloseDevice
CreateIndexer
FeedLoad
LoadPRTBufferFromFileW
mpegInSeekFrame

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcf551874e7059c9b1756ed0b5fb954a

Headers

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 207KB - Virtual size: 207KB

.data Size: 68KB - Virtual size: 71KB

.rsrc Size: 50KB - Virtual size: 50KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 207KB - Virtual size: 207KB

.data
Size: 68KB - Virtual size: 71KB

.rsrc
Size: 50KB - Virtual size: 50KB

.reloc
Size: 4KB - Virtual size: 4KB