a20bef447af46c8cc9925bdc5aaca35a20e05f8142711204b26316fb5c8de293

Sharing

Copy URL Twitter E-mail

General

Target

a20bef447af46c8cc9925bdc5aaca35a20e05f8142711204b26316fb5c8de293
Size

152KB
MD5

31beec36d3cbee1b13007335ae0e6dea
SHA1

6358508be101bba5563e092ea88f08f3df565893
SHA256

a20bef447af46c8cc9925bdc5aaca35a20e05f8142711204b26316fb5c8de293
SHA512

80a378abb66af72c2b0c7cfcc6b645ed2ccb26dd6f901aa8e96552f0eb8f17aa100a111b3247c400a9f02a122950dd3e0bcece28845010b212bea09c47ea3348
SSDEEP

3072:BYiUE/K8FoVbZZEZNYNLFGLEJtS8T8aZqqNlBP6:BYiUE/aV1iZN+L+E7ScZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a20bef447af46c8cc9925bdc5aaca35a20e05f8142711204b26316fb5c8de293

Files

a20bef447af46c8cc9925bdc5aaca35a20e05f8142711204b26316fb5c8de293
.exe windows:4 windows x86 arch:x86

1c3591f9e67fac324687634324f54806

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetSystemDirectoryA
MoveFileA
DeleteFileA
CopyFileA
lstrcpyA
lstrlenA
CreateProcessA
WaitForSingleObject
CloseHandle
GetShortPathNameA
GetModuleFileNameA
GetLastError
GlobalFindAtomA
GlobalAddAtomA
GetExitCodeProcess
GetCurrentDirectoryW
IsBadCodePtr
FreeLibrary
OpenProcess
GetProcAddress
LoadLibraryA
GetExitCodeThread
GetPrivateProfileStringA
WritePrivateProfileStringA
lstrcatA
MoveFileExA
WideCharToMultiByte
GlobalFree
GlobalUnlock
MultiByteToWideChar
GlobalLock
GlobalAlloc
GetCurrentProcess
CreateDirectoryA
CreateEventA
InitializeCriticalSection
SetLastError
CreateFileA
SetFilePointer
CreateFileW
GetStdHandle
ReadFile
WriteFile
GetFileAttributesA
GetTempPathA
GetWindowsDirectoryA
GetDriveTypeA
ExitProcess
TerminateProcess
HeapAlloc
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetFileType
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
HeapFree
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
RtlUnwind
CreateDirectoryW
GetDriveTypeW
FindFirstFileW
DeleteCriticalSection
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TlsAlloc
TlsGetValue
SetStdHandle
SetEndOfFile
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetEnvironmentVariableW
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
FlushFileBuffers
GetFullPathNameA
GetCurrentDirectoryA
GetFullPathNameW
GetCPInfo
GetACP
GetOEMCP
CompareStringA
CompareStringW
SetUnhandledExceptionFilter

user32

DialogBoxIndirectParamW
MessageBoxA
GetTabbedTextExtentA
GetDlgItem
SetFocus
SystemParametersInfoA
GetDC
ReleaseDC
LoadBitmapA
GetSysColor
GetSystemMetrics
SetWindowPos
SetForegroundWindow
ExitWindowsEx
DdeInitializeA
DdeCreateStringHandleA
DdeConnectList
DdeQueryNextServer
DdeClientTransaction
DdeDisconnectList
DdeFreeStringHandle
DdeUninitialize
EndDialog
GetDlgItemTextA
wsprintfA
PostQuitMessage
PostMessageA
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA

gdi32

SelectObject
BitBlt
DeleteDC
CreatePalette
GetNearestColor
GetObjectA
GetBitmapBits
SetBitmapBits
GetNearestPaletteIndex
GetDeviceCaps
CreateFontA
GetTextMetricsA
CreateCompatibleDC
GetStockObject
CreateSolidBrush
DeleteObject
SetBkColor
GetSystemPaletteEntries
CreateDIBitmap

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyA
RegEnumKeyA
RegQueryInfoKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
OpenProcessToken
GetTokenInformation
RegSetValueExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA

setupapi

SetupInitDefaultQueueCallbackEx
SetupInstallFilesFromInfSectionA
SetupOpenFileQueue
SetupGetTargetPathA
SetupDefaultQueueCallbackA
SetupSetDirectoryIdA
SetupCommitFileQueueA
SetupCloseInfFile
SetupGetLineTextA
SetupOpenInfFileA
SetupCloseFileQueue
SetupTermDefaultQueueCallback
SetupInstallFromInfSectionA

mpr

WNetGetUniversalNameA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c3591f9e67fac324687634324f54806

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

setupapi

mpr

ole32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 32KB - Virtual size: 60KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 32KB - Virtual size: 60KB

.rsrc
Size: 4KB - Virtual size: 2KB