a43c3dae8d03bc6f0f272c33dfaff40d

Sharing

Copy URL Twitter E-mail

General

Target

a43c3dae8d03bc6f0f272c33dfaff40d
Size

371KB
MD5

a43c3dae8d03bc6f0f272c33dfaff40d
SHA1

9c7e7b0f9b642e9b161114ed7afc2046f8838512
SHA256

93fe153b968ab49ddef35a06b69c1a5d4e25412646c2129de0c7764451f2d7e4
SHA512

409b91cb1ffe09a790f0b0c56b299000ca172f5262296f9328a6264f11c711b7d4e751de58d568d5c2fab87d9102c289789cee6e6c7e9ab27babb12a991e9405
SSDEEP

6144:6RSlBKiIizNYeBVXYKLHGTM0W1KhP7ImjdrVz5xoTxkZzUuApw:6RSlBKiKeBVXYKLH0M0vhDIid5xoToR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a43c3dae8d03bc6f0f272c33dfaff40d

Files

a43c3dae8d03bc6f0f272c33dfaff40d
.exe windows:4 windows x86 arch:x86

1933d7899bd926b5e5e26f31cad9364f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\xii

Imports

shell32

SHLoadInProc
SHEmptyRecycleBinA
RealShellExecuteW
RealShellExecuteExW

comctl32

CreateMappedBitmap
CreateToolbarEx
CreateStatusWindowA
ImageList_Destroy
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_Read
ImageList_GetFlags
_TrackMouseEvent
InitCommonControlsEx

gdi32

CopyEnhMetaFileW
SetPaletteEntries
CreateSolidBrush
SetWindowOrgEx
EnumFontFamiliesExA
GetOutlineTextMetricsA
DeleteMetaFile
GetTextExtentExPointW
ModifyWorldTransform
GetKerningPairsW
SetPolyFillMode
GetLogColorSpaceW
AddFontResourceW
CreatePenIndirect
SetWinMetaFileBits
GetICMProfileA
CheckColorsInGamut
SetAbortProc
GetNearestColor
SetTextJustification
SetBitmapDimensionEx
CreateCompatibleBitmap
GetTextExtentPointW
PtVisible

user32

VkKeyScanA
PostQuitMessage
DrawFocusRect
ScrollDC
RegisterWindowMessageA
FindWindowW
GetDlgCtrlID
GetWindowTextW
GetDesktopWindow
CreateMDIWindowW
GetDlgItemTextW
RegisterClassExA
CallMsgFilterW
TranslateMessage
InvertRect
RegisterClassA
wvsprintfA
GetDlgItemTextA
IsClipboardFormatAvailable
RegisterWindowMessageW
SetDebugErrorLevel
DdeClientTransaction
RegisterClipboardFormatA
CharNextW
DdeKeepStringHandle
ChildWindowFromPoint
OemKeyScan

kernel32

SetLastError
GetSystemInfo
GetStringTypeW
CreateMutexA
ExitProcess
WideCharToMultiByte
VirtualAlloc
GetStringTypeA
TlsGetValue
IsValidLocale
VirtualProtect
GetVersionExA
GetUserDefaultLCID
GetTimeZoneInformation
HeapCreate
GetEnvironmentStringsW
SetEnvironmentVariableA
GetLocaleInfoW
HeapReAlloc
WriteFile
ReadFile
IsValidCodePage
GlobalUnfix
TlsAlloc
GetOEMCP
DeleteCriticalSection
GetProcAddress
TlsSetValue
AllocConsole
HeapDestroy
SetUnhandledExceptionFilter
DebugBreak
GetCurrentProcessId
CompareStringA
SetStdHandle
GetProcessShutdownParameters
SetHandleCount
CloseHandle
GetCPInfo
UnhandledExceptionFilter
CompareStringW
OutputDebugStringA
GetCurrentThreadId
GetSystemTimeAsFileTime
HeapFree
InitializeCriticalSection
GetStartupInfoA
OpenMutexA
FlushFileBuffers
LCMapStringA
EnumSystemLocalesA
InterlockedExchange
GetCurrentThread
MoveFileExA
IsBadReadPtr
RtlUnwind
EnterCriticalSection
GetNumberFormatA
FreeEnvironmentStringsW
GetTickCount
MultiByteToWideChar
InterlockedIncrement
TerminateProcess
LoadLibraryA
GetLastError
VirtualQuery
HeapValidate
LCMapStringW
GetModuleHandleA
SetConsoleCtrlHandler
LeaveCriticalSection
VirtualFree
HeapAlloc
GetTimeFormatA
GetCommandLineA
IsBadWritePtr
FreeEnvironmentStringsA
GetACP
SetFilePointer
InterlockedDecrement
GetCurrentProcess
QueryPerformanceCounter
GetModuleFileNameA
GetEnvironmentStrings
SetEndOfFile
GetLocaleInfoA
TlsFree
GetDateFormatA
GetFileType
WaitNamedPipeW
GetStdHandle

advapi32

CryptDuplicateHash
LookupAccountNameW
RegEnumKeyExW
CryptHashData
RegOpenKeyW
LookupPrivilegeValueW
CryptEnumProviderTypesW
RegEnumKeyW
InitiateSystemShutdownW
CryptSignHashA
RegQueryMultipleValuesA
GetUserNameW
RegEnumKeyExA
CryptDestroyKey
RegQueryValueA
RegSaveKeyA
AbortSystemShutdownW
GetUserNameA
CryptVerifySignatureA
RegConnectRegistryA
CryptSetProviderW
CryptHashSessionKey
CryptGetKeyParam
RegDeleteKeyA
RegReplaceKeyW

Sections

.text
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1933d7899bd926b5e5e26f31cad9364f

Headers

File Characteristics

PDB Paths

Imports

shell32

comctl32

gdi32

user32

kernel32

advapi32

Sections

.text Size: 171KB - Virtual size: 170KB

.rdata Size: 78KB - Virtual size: 78KB

.data Size: 90KB - Virtual size: 108KB

.rsrc Size: 30KB - Virtual size: 29KB

.text
Size: 171KB - Virtual size: 170KB

.rdata
Size: 78KB - Virtual size: 78KB

.data
Size: 90KB - Virtual size: 108KB

.rsrc
Size: 30KB - Virtual size: 29KB