beba2aa8c1798afaa4e7a021ca19fe8f

Sharing

Copy URL Twitter E-mail

General

Target

beba2aa8c1798afaa4e7a021ca19fe8f
Size

378KB
MD5

beba2aa8c1798afaa4e7a021ca19fe8f
SHA1

6af93555f936b0872a658b0bb9426bcd7058b04f
SHA256

79febbb4353911e8035759d70c50eba51b88daf9d723c7b2ea5e7754e2129afe
SHA512

7a0172b8a2200d008a1452585fdf8615383cade7a02ea0bec291893c9ea0af465ab09ed1f29931cde63f08d9d55b68253fd4733a252f33ce6e938c8c8638580b
SSDEEP

6144:8hPLM2LztgtzNLd27U0iH38u5o2rEWu2GZx5ttGiVp1VgdHGHEU:MPLM2FWzz2ncMOr6FtGiVNgdmV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
beba2aa8c1798afaa4e7a021ca19fe8f

Files

beba2aa8c1798afaa4e7a021ca19fe8f
.exe windows:4 windows x86 arch:x86

a307efc34eff80d732fed524d0933d69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateMutexA
GetACP
VirtualAlloc
GetProcAddress
HeapFree
SetEnvironmentVariableA
LCMapStringW
ReadFile
GetVersionExA
TlsAlloc
GetTickCount
WriteFile
QueryPerformanceCounter
GetTimeZoneInformation
GetCurrentThreadId
HeapCreate
GetLocaleInfoA
ExitProcess
HeapReAlloc
UnhandledExceptionFilter
GetStartupInfoA
TlsSetValue
GetModuleHandleA
LCMapStringA
TlsGetValue
MultiByteToWideChar
GetEnvironmentStringsW
LoadLibraryA
OpenMutexA
GetLastError
GetCPInfo
GetTimeFormatA
HeapDestroy
EnterCriticalSection
IsBadWritePtr
IsValidCodePage
GetCurrentProcess
GetFileType
FlushFileBuffers
GetCommandLineA
WideCharToMultiByte
IsValidLocale
FreeEnvironmentStringsW
RtlUnwind
GetCurrentProcessId
InitializeCriticalSection
CompareStringW
GetOEMCP
InterlockedExchange
LeaveCriticalSection
DeleteCriticalSection
GetLocaleInfoW
SetLocaleInfoW
VirtualProtect
SetThreadAffinityMask
TerminateProcess
GetEnvironmentStrings
HeapSize
CompareStringA
VirtualFree
HeapAlloc
VirtualQuery
GetSystemInfo
EnumSystemLocalesA
GetDateFormatA
GetStdHandle
GetCurrentThread
GetModuleFileNameA
GetStringTypeA
FreeEnvironmentStringsA
GetUserDefaultLCID
SetStdHandle
SetHandleCount
SetFilePointer
GetSystemTimeAsFileTime
SetLastError
TlsFree
GetStringTypeW

comctl32

InitCommonControlsEx

gdi32

GetGlyphOutlineA
CreateHalftonePalette
DeleteEnhMetaFile
WidenPath
CreateICW
InvertRgn
GetAspectRatioFilterEx
CreateDCW
Pie
CreateDIBPatternBrushPt
GdiPlayScript
FillRgn

user32

RegisterClassExW
RegisterClassExA
SetMenuInfo
SetWindowPos
GetGuiResources
FlashWindowEx
SetUserObjectInformationW
GetMenuDefaultItem
SetPropW
BringWindowToTop
OffsetRect
CharPrevA
RegisterClassA
GetMenuItemInfoW
CopyRect
GetDlgItemInt
GetSystemMenu
CreateDesktopW

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a307efc34eff80d732fed524d0933d69

Headers

File Characteristics

Imports

kernel32

comctl32

gdi32

user32

Sections

.text Size: 193KB - Virtual size: 193KB

.rdata Size: 8KB - Virtual size: 23KB

.data Size: 173KB - Virtual size: 173KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 193KB - Virtual size: 193KB

.rdata
Size: 8KB - Virtual size: 23KB

.data
Size: 173KB - Virtual size: 173KB

.rsrc
Size: 2KB - Virtual size: 2KB