acb31c768c69ed5c044fc62ef3d04cd2

Sharing

Copy URL Twitter E-mail

General

Target

acb31c768c69ed5c044fc62ef3d04cd2
Size

532KB
MD5

acb31c768c69ed5c044fc62ef3d04cd2
SHA1

f67b5c7e8d8ef86976de38e9a8daa7a4e05949d8
SHA256

053d405b23882ec5370d5f10ccc6ab165cfa1be12ce8c638ca3e8f457358ea1d
SHA512

b7e76fe7d422af81a88829b4634b246c59da4d2e31933335cbe85c24febcb22847c26773c5b6245217f7f6703194173f0a567ab08eb7b8cb15dcd8ba47bef271
SSDEEP

12288:Oaq5jSNOaDwC5RmvWwrlyuKzd6ufo8r/V3tPi:Oaq5eNOYD5RmvJyuSEsNrV3d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acb31c768c69ed5c044fc62ef3d04cd2

Files

acb31c768c69ed5c044fc62ef3d04cd2
.exe windows:4 windows x86 arch:x86

bf8e09c8f0777299eddd959f286953d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageTimeoutA
DrawStateW
DdeAbandonTransaction
OpenDesktopW
GetProcessDefaultLayout
GetThreadDesktop
CountClipboardFormats
MsgWaitForMultipleObjectsEx
LoadImageW
GetUserObjectSecurity
RegisterClassA
ChangeMenuW
RegisterClassExA
MapDialogRect
ShowCaret
ShowScrollBar
MessageBoxExW
LoadStringW
SendMessageW

kernel32

CompareStringW
GetProcAddress
GetCurrentThread
HeapFree
TlsFree
FreeEnvironmentStringsW
InitializeCriticalSection
GetCurrentDirectoryA
CreateMutexA
VirtualFree
GetStringTypeW
TlsAlloc
CompareStringA
SetStdHandle
GetStartupInfoW
ExitProcess
FlushFileBuffers
GetProcAddress
HeapAlloc
GetCommandLineA
ReadFile
GetCurrentThreadId
GetTimeZoneInformation
GetSystemTime
CreateDirectoryExA
GetEnvironmentVariableA
SetEnvironmentVariableA
SetComputerNameA
SetLastError
GetStringTypeA
MultiByteToWideChar
GetStartupInfoA
QueryPerformanceCounter
GetStdHandle
IsBadWritePtr
WideCharToMultiByte
OpenWaitableTimerA
GetSystemTimeAsFileTime
GetCurrentDirectoryW
UnhandledExceptionFilter
GetLastError
TerminateProcess
InterlockedIncrement
InterlockedExchange
CloseHandle
RtlUnwind
VirtualQuery
LCMapStringW
GetCurrentProcess
FreeEnvironmentStringsA
GetLocalTime
GetCPInfo
RtlZeroMemory
TlsSetValue
LCMapStringA
SetHandleCount
GetEnvironmentStringsW
GetTickCount
GetFileType
CreateEventA
TlsGetValue
WriteConsoleOutputCharacterA
GetModuleFileNameW
GetModuleHandleA
LeaveCriticalSection
SetFilePointer
WriteConsoleW
VirtualLock
HeapReAlloc
GetProcessHeap
EnterCriticalSection
GetCommandLineW
InterlockedDecrement
GetEnvironmentStrings
DeleteCriticalSection
OpenMutexA
GetTempFileNameW
VirtualAlloc
GetModuleFileNameA
WriteFile
GetVersion
LoadLibraryA
GlobalReAlloc
CreateNamedPipeW
lstrcpy
GetAtomNameW
GetCurrentProcessId
HeapCreate
HeapDestroy
OpenFileMappingA

comctl32

InitCommonControlsEx

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf8e09c8f0777299eddd959f286953d5

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 4KB - Virtual size: 33KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 4KB - Virtual size: 33KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 12KB - Virtual size: 11KB