a51a357eee88dd3dcf3794273be1847dee45ce297b21225645609897019bf49b

Sharing

Copy URL Twitter E-mail

General

Target

a51a357eee88dd3dcf3794273be1847dee45ce297b21225645609897019bf49b
Size

1.1MB
MD5

246a0f8571852944b977aa6e7b9280a4
SHA1

d59bd8b8c2e210b3493717b814395a059fd33fe2
SHA256

a51a357eee88dd3dcf3794273be1847dee45ce297b21225645609897019bf49b
SHA512

18c5784a39976f6acd8df1070e3dcadb3cbfefb4a1a3c53ccb5ca33242a4229e86bfdf9490a7eb673e8aa8c89dc1146cd8b8b9c5521fceb2be2f5dee5266e80f
SSDEEP

12288:QhV2GJ/I0yafA/yxAAMz1JLFVEtz0xYlCP3128nPMQ8PS1AlpePqiGRhoVmyJq7L:DGhI0bT96LLb9B9l38uAlslGPoVRJq7L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a51a357eee88dd3dcf3794273be1847dee45ce297b21225645609897019bf49b

Files

a51a357eee88dd3dcf3794273be1847dee45ce297b21225645609897019bf49b
.exe windows:1 windows x86 arch:x86

dd24c9ed9807c9ae292088fcfc76ea3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
CloseServiceHandle
OpenSCManagerA
RegCloseKey
RegDeleteKeyA
RegEnumKeyExA
CreateServiceA
StartServiceA
QueryServiceStatus
ControlService
OpenServiceA
DeleteService

kernel32

SetLastError
LocalFree
GetFileAttributesA
GetLastError
DeleteFileA
LoadLibraryA
WideCharToMultiByte
CopyFileA
GetWindowsDirectoryA
SetFileAttributesA
lstrcpyA
GetModuleHandleA
OpenFile
GlobalFree
GetSystemDirectoryA
WriteFile
CreateFileA
ReadFile
GlobalAlloc
Sleep
FindClose
CloseHandle
MoveFileA
DeviceIoControl
GetVersion
OpenProcess
TerminateProcess
CreateEventA
LocalReAlloc
LocalAlloc
GetCurrentProcessId
GetProcAddress
SetEvent
GetVersionExA
GetModuleFileNameA
FreeLibrary
GetEnvironmentStrings
GetCommandLineA
ExitProcess
GetLocalTime
RtlUnwind
UnhandledExceptionFilter
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
VirtualFree
VirtualAlloc
MultiByteToWideChar
SetFilePointer
GetTimeZoneInformation
SetStdHandle
FlushFileBuffers
SetEndOfFile
SetEnvironmentVariableA
WaitForSingleObject
FindFirstFileA
GetStartupInfoA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
GetLogicalDrives

user32

PostQuitMessage
MessageBoxA
DialogBoxParamA
DefWindowProcA
EndDialog
SendMessageA
GetDlgItem
GetKeyboardType
EnumWindows
RegisterClassA
LoadIconA
IsWindowVisible
EndPaint
PeekMessageA
SendMessageCallbackA
SetForegroundWindow
FindWindowA
UpdateWindow
ShowWindow
DestroyWindow
LoadCursorA
BeginPaint
SystemParametersInfoA
CreateWindowExA
GetWindowTextA
GetParent
GetWindowThreadProcessId

gdi32

TextOutA
SetBkColor

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 905KB - Virtual size: 905KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd24c9ed9807c9ae292088fcfc76ea3c

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

version

Sections

.text Size: 152KB - Virtual size: 151KB

.bss Size: - Virtual size: 60KB

.rdata Size: 1024B - Virtual size: 1016B

.data Size: 905KB - Virtual size: 905KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 77KB - Virtual size: 80KB

.text
Size: 152KB - Virtual size: 151KB

.bss
Size: - Virtual size: 60KB

.rdata
Size: 1024B - Virtual size: 1016B

.data
Size: 905KB - Virtual size: 905KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 77KB - Virtual size: 80KB