a40dd4ffbd3ef0566660d7df634b7e55

Sharing

Copy URL Twitter E-mail

General

Target

a40dd4ffbd3ef0566660d7df634b7e55
Size

487KB
MD5

a40dd4ffbd3ef0566660d7df634b7e55
SHA1

f837a9365bb93dd07e91f6fce74a6aece2f44598
SHA256

fe25710bba19f8aa9f5ee982b4fa4b220b64cfb399129b7e7e98c136b7d3d694
SHA512

5c91e7325608a8a423b87fb76e27160c756e0d87e860c7100d7259205e41e39d6d637175ad7ed41935e2d33167da1cf4b7ab74e73c9c3c2cfcc55eb50900694d
SSDEEP

6144:RIEaNoUki//QFIWraRd3WnhVm3INGA6RyosOCM/3ac0bBtM5gMze3Ufm8SQjiV7p:RO/YFafOc7PqogMcUfXifPZSoC6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a40dd4ffbd3ef0566660d7df634b7e55

Files

a40dd4ffbd3ef0566660d7df634b7e55
.exe windows:4 windows x86 arch:x86

c6a5ea3f197324f00f733ca2764619fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetFontData
SetWindowOrgEx
GetTextFaceA
GdiFlush
Rectangle
SetViewportExtEx
SetICMMode
OffsetWindowOrgEx
SetMetaFileBitsEx
RectVisible
GetEnhMetaFileDescriptionA
EnumEnhMetaFile
RemoveFontResourceW
CreateDiscardableBitmap
InvertRgn
GetGlyphOutlineW
GetCurrentPositionEx
EndPage
CreateHatchBrush
CreateBitmap

comctl32

InitCommonControlsEx

kernel32

LCMapStringW
QueryPerformanceCounter
GetEnvironmentStringsW
GetSystemInfo
GetProcAddress
HeapCreate
SetEnvironmentVariableA
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeA
CloseHandle
LoadLibraryA
DeleteFileW
CompareStringW
LeaveCriticalSection
VirtualQuery
GetLocaleInfoA
SetCurrentDirectoryA
HeapFree
GetLastError
WriteConsoleInputA
LockFile
SetStdHandle
VirtualFree
SetLastError
TlsAlloc
IsBadWritePtr
GetLocaleInfoW
GetDateFormatA
GetCPInfo
UnhandledExceptionFilter
IsValidCodePage
LocalFileTimeToFileTime
GetEnvironmentStrings
GetTickCount
GetCurrentThread
GetUserDefaultLCID
OpenMutexA
HeapSize
WaitForMultipleObjectsEx
VirtualProtect
EnumSystemLocalesA
SetHandleCount
LocalFlags
DeleteCriticalSection
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
FlushFileBuffers
GetTimeZoneInformation
IsValidLocale
GetStdHandle
LocalHandle
HeapAlloc
CompareStringA
GetACP
TerminateProcess
GetOEMCP
GetCurrentProcessId
GetTimeFormatA
EnterCriticalSection
CreateFileW
InterlockedExchange
TlsFree
CreateEventA
CreateMutexA
FreeEnvironmentStringsA
WriteFile
InitializeCriticalSection
VirtualAlloc
FileTimeToSystemTime
ConvertDefaultLocale
RaiseException
TlsGetValue
TlsSetValue
CreateNamedPipeW
GetStringTypeW
GetCurrentProcess
GetStartupInfoA
GetModuleHandleA
GetFileType
GetCommandLineA
RtlUnwind
GetModuleFileNameA
HeapReAlloc
HeapDestroy
LCMapStringA
ExitProcess
GetVersionExA
UnmapViewOfFile
SetFilePointer
GetCurrentThreadId
SetConsoleCursorPosition
ReadFile
GetProfileStringW

user32

FindWindowA
EnumWindowStationsW
GetDlgCtrlID
GetSubMenu
RegisterClassExA
ShowCaret
RegisterClassA
GetClipboardData
SetThreadDesktop
IsDialogMessageW
GetGUIThreadInfo
CreateWindowStationA
GetMenuCheckMarkDimensions
DdeCreateStringHandleA

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6a5ea3f197324f00f733ca2764619fb

Headers

File Characteristics

Imports

gdi32

comctl32

kernel32

user32

Sections

.text Size: 323KB - Virtual size: 323KB

.rdata Size: 47KB - Virtual size: 67KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 323KB - Virtual size: 323KB

.rdata
Size: 47KB - Virtual size: 67KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 10KB - Virtual size: 10KB