a035926c41d1e843ceb8f8da69740eca19751a67d0f874ad332656ca13e594a4

Sharing

Copy URL Twitter E-mail

General

Target

a035926c41d1e843ceb8f8da69740eca19751a67d0f874ad332656ca13e594a4
Size

164KB
MD5

69d9c5a5c8e214d4a468cb714b26b9dc
SHA1

8265f109719104cffe0c67b2e7630a6671cab96e
SHA256

a035926c41d1e843ceb8f8da69740eca19751a67d0f874ad332656ca13e594a4
SHA512

f1881eeaeb519b0e974942b2172c28d915acdf355d8cc234281bb1bd37b8fe1a1534af5d71a4fd3c5096f4a453e2e1371fcc44cd92339250d3d4285934a5fcd9
SSDEEP

1536:p56lscUMOTOorGEarxPvh/aAhuxinhLTTUnwhYlFfHj0V+z55k8:iqcUM6OoerL/bLd4Fb0Vs55k8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a035926c41d1e843ceb8f8da69740eca19751a67d0f874ad332656ca13e594a4

Files

a035926c41d1e843ceb8f8da69740eca19751a67d0f874ad332656ca13e594a4
.exe windows:5 windows x86 arch:x86

a1fccb4bed2462ef200b79779234676f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord6

kernel32

CloseHandle
WriteFile
CreateFileA
WritePrivateProfileStringA
GetVersionExA
CompareStringA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GlobalAlloc
RtlUnwind
_llseek
MultiByteToWideChar
LCMapStringA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
GlobalLock
GetLastError
FormatMessageA
WinExec
GetPrivateProfileStringA
GetCurrentThread
_lopen
HeapSize
_lread
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
_lclose
GetProfileStringA
LCMapStringW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetFullPathNameA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStdHandle
GetModuleFileNameA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
CompareStringW

user32

CallWindowProcA
SetWindowPos
GetWindowRect
EndDialog
LoadIconA
LoadCursorA
RegisterClassA
LoadMenuA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
MoveWindow
PostQuitMessage
GetDC
ReleaseDC
CreateWindowExA
SetFocus
BeginPaint
EndPaint
DestroyWindow
MessageBeep
EnableWindow
GetParent
EnableMenuItem
DefWindowProcA
SetWindowsHookExA
MessageBoxA
UnhookWindowsHookEx
DialogBoxParamA
CallNextHookEx
SetWindowLongA
GetDlgItem
SendMessageA
ClientToScreen

gdi32

GetTextMetricsA
GetDeviceCaps
CreateBrushIndirect
CreateSolidBrush
CreateDCA
SetBkColor
SetTextColor
DeleteObject

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA
PrinterProperties

comdlg32

GetOpenFileNameA
CommDlgExtendedError

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1fccb4bed2462ef200b79779234676f

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

winspool.drv

comdlg32

Sections

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 71KB - Virtual size: 119KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 71KB - Virtual size: 119KB

.rsrc
Size: 4KB - Virtual size: 3KB