aceb476cbfe9d21455ad08d43c462766

Sharing

Copy URL Twitter E-mail

General

Target

aceb476cbfe9d21455ad08d43c462766
Size

632KB
MD5

aceb476cbfe9d21455ad08d43c462766
SHA1

4970c05116db56d1e86d00ab29211a31e66929e4
SHA256

0336863a8656b155243a98926da932f1ad5ad9accd8f0340b562aef36e6b17cc
SHA512

fd782470efc012e3145afb154f429b101b54015ff9d4b528c8b6f9160f162e6f7a9d8e28b2860a69c4ffda53dd90731d2e65652c8abe973dbf000e2b29f8caba
SSDEEP

12288:OPzKqD//d2jqWkZcq8IgOoWjH2fyZSIMv3ygdHqUkt2LB/ruUw:+PD//d2jqWkZcqFgODH8yZSIMv3ygdKr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aceb476cbfe9d21455ad08d43c462766

Files

aceb476cbfe9d21455ad08d43c462766
.exe windows:4 windows x86 arch:x86

ae6c63a0290e6943df9ee28f5e83d981

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolderW

kernel32

GetStringTypeA
HeapDestroy
GetStringTypeW
WriteConsoleInputW
GetCommandLineW
CreateMutexA
CloseHandle
FlushFileBuffers
FreeEnvironmentStringsW
InitializeCriticalSection
VirtualProtect
GetLastError
GetCPInfo
TlsSetValue
GetCurrentThreadId
GetCurrentProcessId
GetCurrentDirectoryW
InterlockedExchange
GetSystemInfo
VirtualAlloc
VirtualQuery
QueryPerformanceCounter
HeapCreate
LoadLibraryA
TerminateProcess
UnhandledExceptionFilter
GetExitCodeThread
HeapAlloc
TlsFree
ExitProcess
SetThreadContext
GetStartupInfoA
GetCommandLineA
IsValidCodePage
CompareStringW
GetLocaleInfoW
GetLocaleInfoA
WideCharToMultiByte
SetEnvironmentVariableA
WriteFile
GetSystemTimeAsFileTime
EnterCriticalSection
GetProcAddress
HeapSize
TlsGetValue
SetConsoleCursorInfo
SetConsoleCP
GetCurrentProcess
RtlUnwind
IsValidLocale
GetStdHandle
GetCurrentThread
ReadFile
GetOEMCP
HeapReAlloc
GetFileType
CompareStringA
GetTimeFormatA
SetCurrentDirectoryA
OpenMutexA
IsBadWritePtr
MultiByteToWideChar
FreeEnvironmentStringsA
GetUserDefaultLCID
WaitCommEvent
GetStartupInfoW
GetPrivateProfileSectionNamesW
GetVersionExA
GetACP
WaitForMultipleObjectsEx
GetModuleHandleA
SetLastError
GetModuleFileNameA
lstrlenW
EnumSystemLocalesA
GetModuleFileNameW
LeaveCriticalSection
GetDateFormatA
SetFilePointer
HeapFree
TlsAlloc
LCMapStringW
GetFullPathNameA
GetTimeZoneInformation
SetHandleCount
DeleteCriticalSection
GetEnvironmentStringsW
VirtualFree
SetStdHandle
GetEnvironmentStrings
LCMapStringA
GetTickCount

advapi32

RegEnumKeyW
InitiateSystemShutdownA
LogonUserA
CryptSetProviderExA
RegLoadKeyW
LookupAccountSidA
DuplicateTokenEx
RegLoadKeyA
CryptDuplicateKey
CryptContextAddRef
CryptSetProvParam
RegEnumKeyA
RegCreateKeyA
CryptEnumProviderTypesA
RegSaveKeyW
RegCreateKeyW
RegQueryValueExA
CryptGenRandom
CryptGetKeyParam
RegOpenKeyW

comctl32

InitCommonControlsEx

user32

GetWindowLongW
DrawTextExW
SetTimer
InvertRect
CallWindowProcW
GetWindowModuleFileNameA
CharLowerBuffA
UnhookWindowsHook
ChangeDisplaySettingsExA
SetSystemCursor
GetWindowTextA
BringWindowToTop
GetKeyNameTextA
GetMenuItemInfoA
EndTask
DragObject
BeginDeferWindowPos
RegisterClassExA
EnableMenuItem
MessageBoxIndirectA
RegisterClassA

comdlg32

ChooseFontW
PageSetupDlgA
GetOpenFileNameW
GetFileTitleW

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae6c63a0290e6943df9ee28f5e83d981

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

comctl32

user32

comdlg32

Sections

.text Size: 292KB - Virtual size: 291KB

.rdata Size: 9KB - Virtual size: 23KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 292KB - Virtual size: 291KB

.rdata
Size: 9KB - Virtual size: 23KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 13KB - Virtual size: 13KB