ae19cc834df52216a48fd8bdaff3e404

Sharing

Copy URL Twitter E-mail

General

Target

ae19cc834df52216a48fd8bdaff3e404
Size

343KB
MD5

ae19cc834df52216a48fd8bdaff3e404
SHA1

bdd374d6cf71b0faa16791e557c6f941df430053
SHA256

2f6d9e34aee523b93aef8ffebba39f6cce1f7cb56ee85a326af141c81802325f
SHA512

2c46747a279e5f2e82c2dbd2a7df1ef74d394b31545ad8961a19989600d72bc2519594c06e1d4086f6d469e1a888cbb19dd01ad1f70a654f6e4c7130e75c7108
SSDEEP

6144:DS+ZLWGtpdrTfopW+xLFjkWHF6EhOAQpRT8Y3P05Mck+2gyKnqlcnMDM:DSKN3drTQEckoQpr3upyKqlc0M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae19cc834df52216a48fd8bdaff3e404

Files

ae19cc834df52216a48fd8bdaff3e404
.exe windows:4 windows x86 arch:x86

b44d4a81a53b613c3acfc84297504c9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgA
ChooseColorW

kernel32

WritePrivateProfileSectionA
WideCharToMultiByte
SystemTimeToFileTime
EnumSystemLocalesA
LCMapStringA
GetTimeFormatA
LoadLibraryExA
GetStdHandle
HeapSize
LCMapStringW
WriteFile
ExitProcess
CreateDirectoryW
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
GetStringTypeA
TlsSetValue
TlsGetValue
GetEnvironmentStringsW
GetStringTypeW
SetComputerNameA
FreeLibrary
TerminateProcess
GetConsoleCP
Sleep
CompareStringA
GetLocaleInfoA
FileTimeToDosDateTime
GetOEMCP
HeapReAlloc
WriteConsoleA
HeapCreate
DeleteCriticalSection
MultiByteToWideChar
ReadFile
GetStartupInfoA
QueryPerformanceCounter
GetConsoleMode
GetProcAddress
FreeEnvironmentStringsA
GetProfileIntA
GetTimeZoneInformation
lstrcpynW
GetCPInfo
EnterCriticalSection
SetConsoleCtrlHandler
HeapFree
UnhandledExceptionFilter
SetLocaleInfoW
IsDebuggerPresent
SetEnvironmentVariableA
FreeEnvironmentStringsW
SetStdHandle
GetDateFormatA
GetCurrentProcessId
LeaveCriticalSection
SetUnhandledExceptionFilter
CompareStringW
GetEnvironmentStrings
InterlockedExchange
GetModuleHandleA
TransactNamedPipe
GetModuleFileNameA
SetLocaleInfoA
GetUserDefaultLCID
GetFileAttributesExA
GetLocaleInfoW
VirtualAlloc
HeapAlloc
SetThreadAffinityMask
FlushFileBuffers
GetCommandLineA
SetHandleCount
GetModuleHandleW
IsValidLocale
LoadLibraryA
CloseHandle
GetTickCount
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
GetACP
GetSystemTimeAsFileTime
GetTempFileNameW
TlsAlloc
SetLastError
CreateMutexA
FindFirstFileExW
OpenMutexA
CreateFileA
VirtualQuery
GetLastError
EnumResourceTypesW
HeapDestroy
GetFileType
LockFile
VirtualFree
GetConsoleOutputCP
GlobalGetAtomNameW
SetFilePointer
IsValidCodePage
TlsFree
InterlockedIncrement
RtlUnwind
WriteConsoleW

comctl32

InitCommonControlsEx

user32

DdeFreeStringHandle
PostThreadMessageA
SetWindowLongW
SendIMEMessageExW
ChangeDisplaySettingsExW
RegisterDeviceNotificationA
wsprintfW
DestroyIcon
RegisterClassA
SendIMEMessageExA
RegisterClassExA
GetCursorPos
GetWindowTextA
MsgWaitForMultipleObjects
MonitorFromPoint

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b44d4a81a53b613c3acfc84297504c9c

Headers

File Characteristics

Imports

comdlg32

kernel32

comctl32

user32

Sections

.text Size: 150KB - Virtual size: 150KB

.rdata Size: 10KB - Virtual size: 31KB

.data Size: 173KB - Virtual size: 173KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 150KB - Virtual size: 150KB

.rdata
Size: 10KB - Virtual size: 31KB

.data
Size: 173KB - Virtual size: 173KB

.rsrc
Size: 8KB - Virtual size: 8KB