a309f61d53fc78a8841c2255d4a31779

Sharing

Copy URL Twitter E-mail

General

Target

a309f61d53fc78a8841c2255d4a31779
Size

250KB
MD5

a309f61d53fc78a8841c2255d4a31779
SHA1

edee477f3effe66f4e3c3a08143c29d328c7a8db
SHA256

e65dd6b70f52b27985cee166b540a88134d2c60156fe5eb3b88185cd1dbfce15
SHA512

8810b56f1c0a29c972bd5007aafdc9b3282a28e9eddc7ac108036334d43f417c0500876ba152cd45b52aadef14753b94cc34477acd72b4c55b380b905ca00061
SSDEEP

6144:bLTUpNn2+uw1z3Fp9B1aixPafWg91UUaD3EOxEFegWOU9:bLTE2xwNVp9fZxPa7CUOacrOk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a309f61d53fc78a8841c2255d4a31779

Files

a309f61d53fc78a8841c2255d4a31779
.exe windows:5 windows x86 arch:x86

9a33a0ae955d3be888c0fbee5ab627e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryValueExA
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExA
RegSetValueExW

msvcrt

_controlfp
isdigit
_exit
_cexit
srand
exit

gdi32

CreatePen
CombineRgn
GetPixel
CreateCompatibleDC
DeleteObject
GetStockObject
StretchBlt
SetPixel
GetTextMetricsW

kernel32

HeapDestroy
VirtualAllocEx
WriteFileEx
GetTickCount
GetSystemDefaultLCID
HeapFree
GetQueuedCompletionStatus
GetStringTypeExA
ResumeThread
CreateThread
InterlockedIncrement
FileTimeToDosDateTime
LeaveCriticalSection
IsValidLocale
CreateFileA
GetCurrentProcessId
SetPriorityClass
GetThreadIOPendingFlag
GetStringTypeA
UnmapViewOfFile
EnterCriticalSection
HeapQueryInformation
TerminateThread
FileTimeToSystemTime
lstrcmpiA
EnumSystemLocalesA
SetLocaleInfoA
HeapCreate
EncodePointer
GetLocaleInfoA
SetThreadExecutionState
SetThreadPriorityBoost
GetEnvironmentStringsA
MapViewOfFile
RtlMoveMemory
ReadFile
ExitThread
SetThreadAffinityMask
DeleteCriticalSection
CreateNamedPipeA
SetFilePointer
lstrcmpA
ConvertDefaultLocale
OpenThread
AssignProcessToJobObject
DecodePointer
FlushViewOfFile
GetUserDefaultLCID
lstrcpynA
InterlockedCompareExchange
SetEnvironmentVariableA
OpenFileMappingA
CreateIoCompletionPort
lstrcpyW
SetThreadContext
GetCurrentProcess
WaitNamedPipeA
InitializeCriticalSection
CopyFileA
HeapAlloc
SetFilePointerEx
CreateFileMappingA
ExpandEnvironmentStringsA
InterlockedExchangeAdd
HeapWalk
GetThreadLocale
CloseHandle
GetThreadTimes
WaitForMultipleObjectsEx
lstrcpynW
DisconnectNamedPipe
GetThreadPriority
GetFileTime
ConnectNamedPipe
GetSystemDefaultLangID
SetCurrentDirectoryA
InterlockedDecrement
FreeEnvironmentStringsA

user32

MessageBoxW
SystemParametersInfoW
GetDesktopWindow
ReleaseCapture
RegisterClassW
KillTimer
MessageBeep
BeginPaint
GetSystemMetrics
GetMessageW
ShowWindow
GetClientRect
PostMessageW
IsIconic
FlashWindow
DispatchMessageW
GetDC
CreateWindowExW

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a33a0ae955d3be888c0fbee5ab627e7

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

msvcrt

gdi32

kernel32

user32

Sections

.text Size: 176KB - Virtual size: 176KB

.data Size: 67KB - Virtual size: 67KB

.rsrc Size: 5KB - Virtual size: 536KB

.text
Size: 176KB - Virtual size: 176KB

.data
Size: 67KB - Virtual size: 67KB

.rsrc
Size: 5KB - Virtual size: 536KB