aa2a39a95e72f97ba3eb99c1e9424d0b

Sharing

Copy URL Twitter E-mail

General

Target

aa2a39a95e72f97ba3eb99c1e9424d0b
Size

173KB
MD5

aa2a39a95e72f97ba3eb99c1e9424d0b
SHA1

58e10dfc114ea6c52d630e7996af4b8513d01d3c
SHA256

b47126a4114904f76721a4160bf8c804e0844269c5e8f2386328a69aa04dc677
SHA512

8eb6e2dfcb968a1c512d1b63c5aabbb92428014b016a682ca5d755f25d6214f434a451a287f1dfc61f624820f772278d48ed9cf1abbaf4a87329bedb8f884d4e
SSDEEP

3072:IGHd4QUlFt5HN3MKMOizBWM6OWzR3OsBPBCQNqw+/vWM3nkHG:JilFtjcAitQ/NqwKvWM3kHG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa2a39a95e72f97ba3eb99c1e9424d0b

Files

aa2a39a95e72f97ba3eb99c1e9424d0b
.exe windows:4 windows x86 arch:x86

385160e2a507101e803464e1cd2be56e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

msimg32

AlphaBlend

ole32

OleFlushClipboard
CoRegisterMessageFilter
CoCreateInstance
CreateILockBytesOnHGlobal
CoGetProcessIdentifier
CoUninitialize
StgCreateDocfileOnILockBytes
OleInitialize
CoTaskMemFree
CLSIDFromProgID
CoTaskMemAlloc
CoRevokeClassObject
OleUninitialize
CoInitialize
CoGetClassObject
OleIsCurrentClipboard
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
CLSIDFromString

shlwapi

PathRemoveFileSpecA
PathAppendA

user32

GetMonitorInfoA
GetClientRect
GetDesktopWindow
CreateWindowExA
MonitorFromWindow
GetActiveWindow
GetDC
ScrollWindowEx
ReleaseDC
RegisterClassA
EnumDisplayMonitors
OffsetRect
LoadCursorA
SetActiveWindow
GetSystemMetrics
WindowFromDC
MonitorFromPoint
CharNextW
DefWindowProcA
GetWindowRect
DestroyWindow
SetWindowPos
LoadIconA
UnregisterClassA

gdi32

EndDoc
AbortDoc
BitBlt
SaveDC
CreateCompatibleBitmap
SetStretchBltMode
CreateRectRgn
StretchDIBits
StartPage
Escape
StretchBlt
DeleteDC
EndPath
IntersectClipRect
CreateDIBSection
SetMiterLimit
GetStockObject
CreatePatternBrush
SetGraphicsMode
GetWorldTransform
GetClipBox
GetDeviceCaps
CreatePalette
RestoreDC
CreateICW
StartDocW
FillPath
ModifyWorldTransform
BeginPath
SelectClipPath
CreatePolyPolygonRgn
ExtCreatePen
SelectPalette
StrokePath
SetWorldTransform
GetCurrentObject
OffsetRgn
CreateCompatibleDC
GetObjectA
GetRgnBox
CloseFigure
GetGraphicsMode
ResetDCW
SetPolyFillMode
DeleteObject
RealizePalette
GetRegionData
EqualRgn
CreateBrushIndirect
Rectangle
EndPage
SetDIBits
SelectClipRgn
MoveToEx
SetROP2
CombineRgn
SetBrushOrgEx
PatBlt
LineTo
SelectObject
CreateDCW
PolylineTo
ExtSelectClipRgn
GetDIBColorTable
GetViewportOrgEx
ExtEscape
PolyBezierTo
CreateBitmap
PolyDraw

kernel32

GetLocaleInfoA
FreeLibrary
ReleaseSemaphore
GetProfileStringW
GetCalendarInfoW
GetCurrentProcessId
InterlockedIncrement
GetTempPathW
GetCurrentProcess
LocalAlloc
LoadLibraryA
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetSystemDefaultLCID
GetTimeFormatA
WideCharToMultiByte
GetUserDefaultLangID
GetModuleFileNameA
GetACP
SetThreadPriority
CreateSemaphoreA
GetDateFormatW
GetTickCount
MultiByteToWideChar
CreateMutexA
GetEnvironmentVariableW
CloseHandle
TerminateProcess
InterlockedExchange
GetSystemDirectoryA
GetThreadLocale
ReleaseMutex
GlobalUnlock
GlobalAlloc
GetProcAddress
GetLastError
GlobalSize
TlsFree
GetFileSize
GlobalFree
GetLocalTime
GetThreadPriority
GlobalLock
GetCurrentThreadId
EnumResourceNamesA
FindClose
GetVersionExA
GetFileTime
InitializeCriticalSection
lstrcmpW
FindNextFileA
DeleteFileW
UnhandledExceptionFilter
GetModuleHandleA
Sleep
TlsSetValue
TlsGetValue
SetCurrentDirectoryA
CreateFileA
FindFirstFileA
InterlockedCompareExchange
GetSystemInfo
WaitForSingleObject
GetTimeFormatW
GetCurrentThread
DeleteCriticalSection
SetUnhandledExceptionFilter
GetCurrentDirectoryA
ExitProcess
lstrlenW
GetDateFormatA
EnterCriticalSection
GetWindowsDirectoryA
LeaveCriticalSection
ReadFile
RaiseException

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

385160e2a507101e803464e1cd2be56e

Headers

File Characteristics

Imports

advapi32

msimg32

ole32

shlwapi

user32

gdi32

kernel32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 71KB - Virtual size: 70KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 71KB - Virtual size: 70KB

.edata
Size: 1024B - Virtual size: 92KB