aa2e67ff42abdb693409814f5dddf364

General

Target

aa2e67ff42abdb693409814f5dddf364
Size

248KB
MD5

aa2e67ff42abdb693409814f5dddf364
SHA1

21e9ac0cfcc1b9fd15e4e820e8d83e57f241584f
SHA256

86324106fad8b27223dc1167a01b44ffe36a13b569f736e6157f8a9e7468dbea
SHA512

e206ac04fc35122335c71e9aa68b2d0d6df91a0d513d3d4394467dd1ee9534830448f460ab256ab409bd41734698b721e62ad72ee7f6a8238519d35f5c291d30
SSDEEP

3072:BrOadf7aLRd/RakfwlTxlZVpmdGSi2zrq2IFB25llJlHy66s6MCt+5JBh0qtLUUf:BrOiGXZrirUdGsnqzu5llB6tZoM2418

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa2e67ff42abdb693409814f5dddf364

Files

aa2e67ff42abdb693409814f5dddf364
.exe windows:4 windows x86 arch:x86

806e955bb8317300d871a0a32c6f8027

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetFileType
GetCommandLineA
WideCharToMultiByte
GetCommandLineA
GetCPInfo
GetCommandLineA
lstrcpynA
GetCommandLineA
lstrcatA
GetCommandLineA
GetConsoleCP
GetCommandLineA
FreeLibrary
GetCommandLineA
ExitProcess
GetCommandLineA
GetLastError
GetCommandLineA
lstrcmpA
GetConsoleCP
GetFileAttributesA
GetFileSize
GetStdHandle
FreeLibrary
GetModuleFileNameA
Sleep
WideCharToMultiByte
GetDateFormatA
lstrcmpA
GetFileType
GetCPInfo
lstrcmpiA
GetLastError
HeapAlloc
lstrcpyA
GlobalFree

user32

IsWindow
AppendMenuW
CopyRect
DialogBoxParamA
DrawIcon
GetWindowTextA
LoadCursorA
BlockInput
AlignRects
LoadMenuA
GetDlgItem
CloseWindow
GetWindowTextLengthA
IsMenu
InsertMenuA
AppendMenuA
DrawTextW
DrawIconEx
GetDC

advapi32

RegOpenKeyA
RegCreateKeyExA
RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyW
RegQueryValueA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyW
RegDeleteKeyW
RegQueryValueW
RegLoadKeyA
RegQueryValueExW
RegEnumKeyExA
RegCreateKeyExW
RegReplaceKeyA
RegGetKeySecurity

Sections

.tadt
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eaata
Size: 11KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idaaa
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

806e955bb8317300d871a0a32c6f8027

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.tadt Size: 10KB - Virtual size: 10KB

.rdata Size: 217KB - Virtual size: 216KB

.eaata Size: 11KB - Virtual size: 46KB

.reloc Size: 4KB - Virtual size: 5KB

.idaaa Size: 1024B - Virtual size: 1KB

.tadt
Size: 10KB - Virtual size: 10KB

.rdata
Size: 217KB - Virtual size: 216KB

.eaata
Size: 11KB - Virtual size: 46KB

.reloc
Size: 4KB - Virtual size: 5KB

.idaaa
Size: 1024B - Virtual size: 1KB