a32bdbec4d4f42cd70bbb9b032cdcbab

Sharing

Copy URL

Twitter E-mail

General

Target

a32bdbec4d4f42cd70bbb9b032cdcbab
Size

459KB
MD5

a32bdbec4d4f42cd70bbb9b032cdcbab
SHA1

d8827db91d608efd94944bac3aaab4c74e38f853
SHA256

4ea0ec9908d50e2059896a4542dbdfd8698fb83b5621e7924764cfd8f7e1b6d5
SHA512

deba215dba0ea967d36f1efa3a262f19e77ca818885b476e4902531e9bc2e0cb33dae7adfe731c461f6c8710090cde4b1cec06b1e8f516a932ed7dfe4cf5bf6a
SSDEEP

12288:A9zDXcU93lvjM0Plc4yyfJIq1pgbqMCodiUmuX:A9zDXc6l7M09c4/xKZdZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a32bdbec4d4f42cd70bbb9b032cdcbab

Files

a32bdbec4d4f42cd70bbb9b032cdcbab
.exe windows:4 windows x86 arch:x86

0bd11d2c35bf2feae9a4f47dcb462888

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpNA

kernel32

ConnectNamedPipe
CreateNamedPipeA
DisconnectNamedPipe
FlushFileBuffers
GetCurrentProcessId
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
FreeLibrary
InterlockedCompareExchange
InterlockedExchange
GetCurrentThread
GetCurrentProcess
HeapAlloc
RemoveDirectoryW
CreateDirectoryW
FindNextFileW
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetOverlappedResult
PeekNamedPipe
FindNextChangeNotification
ResetEvent
FindFirstChangeNotificationW
LCMapStringW
LocalAlloc
LocalFree
lstrlenA
GetSystemDirectoryA
lstrcatA
FindCloseChangeNotification
GetVersionExA
LoadLibraryA
CreateEventA
WaitForMultipleObjects
WaitForSingleObject
CloseHandle
SetEvent
GetLastError
GetModuleFileNameW
GetUserDefaultLCID
DeleteCriticalSection
GetStartupInfoA
TlsFree
TlsGetValue
InitializeCriticalSection
TlsAlloc
CreateSemaphoreA
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
CreateThread
SwitchToThread
Sleep
GetSystemTimeAsFileTime
GetLocalTime
GetDriveTypeW
DeleteFileW
MoveFileW
SetFilePointer
FindClose
GetFullPathNameW
FindFirstFileW
GetFileInformationByHandle
SetEndOfFile
WriteFile
ReadFile

user32

GetKeyState
CreatePopupMenu
GetMessageA
DestroyMenu
RegisterClassW
DispatchMessageA
GetSystemMetrics
PostMessageA
PostQuitMessage
TranslateMessage
GetCursorPos
InsertMenuW
TrackPopupMenu
LoadImageW
DestroyWindow
CallWindowProcA
SetPropW
LoadStringW
DefWindowProcA
SetForegroundWindow
InsertMenuItemW
GetPropW

gdi32

DeleteDC
RestoreDC
DeleteObject
GetTextFaceA
SelectObject
CreateFontA
GetDeviceCaps
SetMapMode
SaveDC
CreateFontIndirectW
GetFontData
GetTextExtentPoint32W
SetTextAlign
GetTextMetricsA
GetObjectA
ExtTextOutW
SetBkMode
SetTextColor
GetTextFaceW
GetOutlineTextMetricsA
CreateDCA
CreateSolidBrush
TranslateCharsetInfo
CreateFontIndirectA

msimg32

TransparentBlt

Sections

.text
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bd11d2c35bf2feae9a4f47dcb462888

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

msimg32

Sections

.text Size: 305KB - Virtual size: 304KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 144KB - Virtual size: 544KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 305KB - Virtual size: 304KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 144KB - Virtual size: 544KB

.rsrc
Size: 5KB - Virtual size: 8KB