aa116e9b9dd5015db467dfeb3c49dca0

Sharing

Copy URL Twitter E-mail

General

Target

aa116e9b9dd5015db467dfeb3c49dca0
Size

518KB
MD5

aa116e9b9dd5015db467dfeb3c49dca0
SHA1

830f6f2c3b7c26f7819846648d28e707f336829a
SHA256

69038bafaadd719cb26abb3650d7139c2736cea215433b3f2a64bfab0a4bcff0
SHA512

236f53bf5b60189fde59b92604e6f4f2e49fbb655d6f648ddbb93ad4ea044325e3f56620e9865cd98846e934db13fe8276861a826faf1f93d40410259f07ce0c
SSDEEP

12288:evj73VkL2sFJ1UiPw58+mYAKemocejo+NI7ZHu3EKDvuR:cpkPWX58+mYGmocejnI7ZO3EKT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa116e9b9dd5015db467dfeb3c49dca0

Files

aa116e9b9dd5015db467dfeb3c49dca0
.exe windows:4 windows x86 arch:x86

3f2dcf2311a26f345f498eeff74011d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpi
LCMapStringA
TlsFree
VirtualFree
GetConsoleCP
LeaveCriticalSection
GetSystemTimeAsFileTime
GetModuleHandleA
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentThreadId
SetUnhandledExceptionFilter
EnterCriticalSection
GetVersionExA
HeapAlloc
IsValidLocale
CompareStringA
GetEnvironmentStrings
GetCurrentThread
IsDebuggerPresent
CompareStringW
GetStringTypeA
GetConsoleOutputCP
GetLocaleInfoA
OpenMutexA
HeapSize
MultiByteToWideChar
SetHandleCount
FreeEnvironmentStringsW
GetStdHandle
HeapDestroy
GetProcessShutdownParameters
GetFileType
InterlockedIncrement
GetCommandLineA
HeapCreate
TlsSetValue
InterlockedDecrement
FreeEnvironmentStringsA
GetModuleFileNameW
GetCurrentProcess
DeleteCriticalSection
GetCommandLineW
ExitProcess
GetEnvironmentStringsW
FreeLibrary
GetTimeFormatA
GetCPInfo
Sleep
UnhandledExceptionFilter
IsValidCodePage
CreateMutexA
GetUserDefaultLCID
VirtualAlloc
ReadFile
CreateFileA
GetDateFormatA
VirtualQuery
GetCurrentProcessId
HeapReAlloc
GetTimeZoneInformation
ReadFileEx
GetLocaleInfoW
GetConsoleMode
HeapFree
GetStartupInfoA
SetConsoleCtrlHandler
CloseHandle
GetLastError
GetProcAddress
LoadLibraryA
WriteFile
TlsGetValue
GetOEMCP
WriteConsoleA
GetStringTypeW
TerminateProcess
SetLastError
TlsAlloc
SetStdHandle
EnumSystemLocalesA
WriteConsoleW
GetStartupInfoW
GetProfileSectionW
GetProcessHeap
GetTickCount
RtlUnwind
LCMapStringW
OpenEventA
GetACP
SetFilePointer
SetEnvironmentVariableA
InterlockedExchange
InitializeCriticalSection
WideCharToMultiByte
FlushFileBuffers
ExitThread

comctl32

InitCommonControlsEx

user32

OpenDesktopA
UnhookWindowsHookEx
RegisterClassA
DdeKeepStringHandle
RegisterClassExA
DdeQueryStringA

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f2dcf2311a26f345f498eeff74011d8

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 9KB - Virtual size: 28KB

.data Size: 316KB - Virtual size: 316KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 9KB - Virtual size: 28KB

.data
Size: 316KB - Virtual size: 316KB

.rsrc
Size: 7KB - Virtual size: 7KB