Static task: static1
Behavioral task: behavioral1
  Sample: a45a03e5b0a54d6c2e63f2446de65b45.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: a45a03e5b0a54d6c2e63f2446de65b45.exe
  Resource: win10v2004-20240221-en
General
Target: a45a03e5b0a54d6c2e63f2446de65b45
Size: 256KB
MD5: a45a03e5b0a54d6c2e63f2446de65b45
SHA1: 445ea5e1c0b27774fec30a4695503e68e130d4dd
SHA256: 818d670b77db4d6d3efabf1d45af91d251b14d44f0dab70edafc47268e40f079
SHA512: 058930d5f633205f60af01b7a68b08f5e718be3b8ed2bcba47b1b59522514153a0a38469a45fe957f89b90e96cf8ef9d5908a8f998f50897a20e6366ea117a38
SSDEEP: 6144:5+kFCNPA6tMrugLzldzWsJHe8WIXbqyGcXRE:5+kJMRgHldztBegX
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource a45a03e5b0a54d6c2e63f2446de65b45
Files
a45a03e5b0a54d6c2e63f2446de65b45.exe windows:4 windows x86 arch:x86
fd24d2c3aa9bbaa923f7ea88fa781b49
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
version: VerQueryValueA, VerInstallFileA, GetFileVersionInfoSizeA
gdi32: GetTextExtentPointA, UnrealizeObject, ExtEscape, SelectClipPath, RectInRegion, CreateMetaFileW, GetBkMode, GetGlyphOutlineA, SetAbortProc, PathToRegion, GetEnhMetaFileDescriptionA, GetTextMetricsA, SetColorAdjustment, GetClipRgn, EnumFontsW, GetPolyFillMode, CreateRectRgn, GetStretchBltMode, RoundRect, GetBrushOrgEx, GetTextExtentPoint32W
kernel32: ClearCommBreak, EnumCalendarInfoA, RaiseException, GetAtomNameA, RemoveDirectoryW, CreateWaitableTimerA, GetThreadContext, lstrlenA, VirtualAlloc, SetThreadLocale, SetProcessAffinityMask, CancelIo, GetACP, IsValidLocale, SetEnvironmentVariableA, TlsGetValue, GetFileInformationByHandle, ScrollConsoleScreenBufferA, PurgeComm, OutputDebugStringA, SystemTimeToFileTime, FileTimeToLocalFileTime, GetDiskFreeSpaceExA, ReadFile, GetShortPathNameW, CreatePipe, GetStartupInfoA, EnumResourceNamesW, GetFileType, DeleteFiber, lstrcmpiA, GetModuleHandleA, SetConsoleWindowInfo
ws2_32: gethostbyaddr, WSASendDisconnect, closesocket, WSAUnhookBlockingHook, getprotobyname, accept, WSAEnumNameSpaceProvidersA, WSAConnect, getservbyname
user32: RegisterClipboardFormatW, PeekMessageW, GetClipboardFormatNameA, GetClipboardOwner, DrawTextExW, SetWindowsHookExW, CreateWindowStationW, SendMessageCallbackW, GetDlgItem, CloseClipboard, LoadIconW, TranslateAcceleratorA, GetAncestor, ActivateKeyboardLayout, CreateWindowExA, BringWindowToTop, CopyImage, CharUpperW, GetClipboardSequenceNumber, SendMessageW, SetDlgItemTextA, InsertMenuItemA, EnumDisplaySettingsExW, EnumDesktopsW, GetMessageExtraInfo, GetWindowWord, EnumWindowStationsA, GetUpdateRgn, BroadcastSystemMessageW, GetWindowTextLengthW, CharNextExA, CreateDialogParamA, FindWindowA, CharUpperBuffA, ReplyMessage, CreateDialogIndirectParamA, EnumChildWindows, SendNotifyMessageW, OpenWindowStationW, FlashWindowEx, GetClipboardData, SetClassLongA, DrawFrameControl, GetSysColorBrush, wvsprintfW, GetUserObjectInformationW, GetKeyboardType, SystemParametersInfoW, BroadcastSystemMessageA, WaitMessage, CopyAcceleratorTableA, GetUpdateRect, GetClassNameA, IsWindowVisible, ModifyMenuA, IsZoomed
advapi32: OpenSCManagerW, RegCreateKeyA, GetSidSubAuthorityCount, RegQueryValueA, RegSetValueExA, ChangeServiceConfigA, RegCloseKey, ReportEventA, SetFileSecurityA, EnumServicesStatusA, LookupPrivilegeValueW, CryptImportKey, GetSecurityDescriptorGroup, InitializeAcl, RegFlushKey, LookupAccountSidW, RegRestoreKeyW, AdjustTokenPrivileges, ObjectDeleteAuditAlarmW, GetUserNameA, CryptEncrypt, PrivilegeCheck, EnumDependentServicesA, ControlService, CryptGenKey, RegSaveKeyA, NotifyChangeEventLog, CryptVerifySignatureW, QueryServiceConfigA, StartServiceA, AddAce, CryptAcquireContextW, RegNotifyChangeKeyValue, SetServiceStatus, CryptDestroyKey, RegRestoreKeyA, CopySid, OpenSCManagerA, InitializeSecurityDescriptor, GetCurrentHwProfileW, MapGenericMask, RegEnumValueW, RegGetKeySecurity
ole32: OleBuildVersion, CoFreeUnusedLibraries, CoUninitialize, MkParseDisplayName, OleGetIconOfClass, OleRegGetUserType, ReadClassStm
shell32: SHFileOperationW, SHAddToRecentDocs, SHGetPathFromIDListA, DragAcceptFiles, ExtractIconExW, SHChangeNotify, SHGetDesktopFolder
oleaut32: LoadTypeLibEx, QueryPathOfRegTypeLi, SetErrorInfo, SafeArrayGetElement, SafeArrayCreate, SafeArrayGetLBound, SafeArrayPutElement
msvcrt: exit, iswspace, _wsetlocale, _waccess, _vsnwprintf, _mbsicmp, _ecvt, _wcsdup, _chsize, _stricmp, _fstat, _mbsnbcat, setbuf, _wpopen, _strnicmp, wcstol, _beginthreadex, wcscat, strcspn, _wfullpath, putchar, _ismbcdigit, _strnicoll, _close, _pipe, isleadbyte, _mbschr, _wtoi64, iswalpha, bsearch, strncpy, _eof, fputc, _setmbcp, _tell, _putws, strtoul, _lseek, _wfsopen, _itow, getenv, _execlp, iswascii, isspace, _itoa, _umask, _fullpath, _spawnvp, _mbsnbicmp, _getdrive, _getpid, wprintf, _exit, _XcptFilter, _pclose, _acmdln, __getmainargs, _controlfp, _except_handler3, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm
Sections
wocoqgu  Size: 200KB - Virtual size: 198KB  Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
coooo  Size: 8KB - Virtual size: 6KB  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
icwyqqg  Size: 16KB - Virtual size: 14KB  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
msacc  Size: 28KB - Virtual size: 26KB  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ