a3422ec251541e182d9d554c801418e2

Sharing

Copy URL Twitter E-mail

General

Target

a3422ec251541e182d9d554c801418e2
Size

682KB
MD5

a3422ec251541e182d9d554c801418e2
SHA1

09225b52c10ec4f9299e146283d6473b4a28e71e
SHA256

9f24ea8990c7ffce1cde31ab8032f377ca6a1f43e686c383e95f1d1ec0977ca8
SHA512

2237e6140a1bc4bec9fbc1e8d57695371b45d3e927fcb2f172c1a8b007da9a7b23da301639e4266accaedac256cc8394a07cec4389680f6d2a4bf87427b28014
SSDEEP

12288:d78H/1Id8l/sNxdUJtCOy0Y9ntXzJn6a0/gtmjmbYtZ7cP:dA/1nl/DJtCOy0CjJv04mjmbw1cP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3422ec251541e182d9d554c801418e2

Files

a3422ec251541e182d9d554c801418e2
.exe windows:4 windows x86 arch:x86

442833e413170e5c51ab5be7eb9fd612

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\

Imports

user32

DefMDIChildProcW
MessageBoxA
CreateWindowExA
GetDC
TranslateMessage
RealGetWindowClass
LoadCursorW
EnumPropsExW
GetTopWindow
InvalidateRgn
CharUpperBuffA
RegisterClassA
DefFrameProcA
DdeFreeDataHandle
ShowWindow
GetClipboardOwner
GetMenuItemInfoW
RegisterClassExA
DdeAccessData
DdeDisconnectList
CharLowerBuffW
GetMessagePos

comctl32

CreatePropertySheetPage
InitCommonControlsEx
DrawStatusText
ImageList_AddIcon
ImageList_BeginDrag

kernel32

IsValidCodePage
Sleep
SetConsoleCtrlHandler
WideCharToMultiByte
GetCurrentProcessId
GetStdHandle
GetUserDefaultLCID
GetProcAddress
GetCurrentThreadId
GetEnvironmentStrings
ResetEvent
GetCalendarInfoW
VirtualFree
LeaveCriticalSection
GetVersionExA
TlsSetValue
lstrcmp
TlsFree
SetFilePointer
GetConsoleMode
GetThreadPriorityBoost
DeleteCriticalSection
SetHandleCount
SetUnhandledExceptionFilter
GetStringTypeA
VirtualQuery
GetDateFormatA
CloseHandle
GetOEMCP
FreeEnvironmentStringsA
SetStdHandle
GetModuleFileNameA
LoadLibraryA
WriteConsoleW
CreateRemoteThread
LCMapStringW
FreeLibrary
HeapDestroy
GetCommandLineA
GetTimeFormatA
SetEnvironmentVariableA
UnhandledExceptionFilter
ReadFile
TerminateProcess
CompareStringA
MultiByteToWideChar
LCMapStringA
EnterCriticalSection
VirtualAlloc
GetProcessHeap
GetTimeZoneInformation
EnumSystemLocalesA
HeapAlloc
OpenMutexA
ExitProcess
CreateFileA
RaiseException
GetTickCount
CreateNamedPipeW
HeapFree
RtlUnwind
GetCurrentProcess
InterlockedIncrement
HeapSize
GetFileType
IsValidLocale
GetSystemTimeAsFileTime
GetCPInfo
FlushFileBuffers
WriteConsoleA
GetStringTypeW
GetStartupInfoA
HeapCreate
GetLocaleInfoW
GetLastError
CreateMutexA
CompareStringW
InitializeCriticalSection
InterlockedDecrement
GetModuleHandleA
FreeEnvironmentStringsW
TlsGetValue
GetCurrentThread
GetConsoleOutputCP
SetLastError
WriteFile
HeapReAlloc
GetEnvironmentStringsW
GetACP
GetConsoleCP
QueryPerformanceCounter
GetLocaleInfoA
TlsAlloc
lstrcpyn
IsDebuggerPresent
InterlockedExchange

Sections

.text
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

442833e413170e5c51ab5be7eb9fd612

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 313KB - Virtual size: 313KB

.rdata Size: 68KB - Virtual size: 83KB

.data Size: 280KB - Virtual size: 278KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 313KB - Virtual size: 313KB

.rdata
Size: 68KB - Virtual size: 83KB

.data
Size: 280KB - Virtual size: 278KB

.rsrc
Size: 20KB - Virtual size: 19KB