a543a4c5284989330c9defab468e68d0N

Sharing

Copy URL Twitter E-mail

General

Target

a543a4c5284989330c9defab468e68d0N
Size

215KB
MD5

a543a4c5284989330c9defab468e68d0
SHA1

3966fc87d6cb6f734db2bd33e5dbf2aa73ca9636
SHA256

371b95c2a15a6c1dd6a809485c5c219492dfacc4244efc28f01b1a18d211c4f4
SHA512

525e177197f394c5a857a4a8c4d2d48d4163f556a4a5ac3d1bcba5f4783c960e83f0baacc9d59048d80c6632dc81f9080eb8cd808b52b6a8369218f5e62e4658
SSDEEP

3072:roAbvJrZ/CEp1Td3INNAILgwKRpP3fJ2pwLAt/iw1JmWTe1eyfLUH+xW6Lyk:r7vJN/CE/TZINiPPBIwcuWTegi9W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a543a4c5284989330c9defab468e68d0N

Files

a543a4c5284989330c9defab468e68d0N
.exe windows:1 windows x86 arch:x86

a0f41bd5de82cbb844f692b48ffd09bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
GetFileTime
GetPriorityClass
OpenMutexW
lstrcatA
GetShortPathNameW
GlobalFindAtomW
GetWindowsDirectoryW
GetProcAddress
GetDateFormatW
CreateMutexA
GetModuleHandleA
CopyFileA
lstrcmpW
CreateFileMappingW
FindAtomW
GetLastError
GetExpandedNameA
OpenEventA
GetUserDefaultLangID
CreateFileMappingA
CreateDirectoryA
ReadDirectoryChangesW
GetCurrentDirectoryA
lstrcmpA
FatalAppExitW
SetEvent
GetEnvironmentStringsW
GetExpandedNameW
lstrlenA
GetNumberFormatW
GetFileType
EnumDateFormatsW
DosDateTimeToFileTime
GetStringTypeA
lstrcmpW
IsBadReadPtr
EndUpdateResourceA
TlsAlloc
OpenSemaphoreW
GetStartupInfoW
GetCurrentProcess
GetFullPathNameA
GetTickCount
GetHandleInformation
GetCurrentThread
GetTempPathW
OpenEventW
GetFullPathNameW
EnumTimeFormatsW
GetVolumeInformationW
FatalAppExitA
lstrcpyA
lstrlenW
CreateNamedPipeW
lstrcmp
FileTimeToSystemTime
GetAtomNameW
DisconnectNamedPipe

user32

CharNextW
EnumDesktopsW
MessageBeep
DialogBoxParamA
GetClassNameW
CallWindowProcA
InsertMenuItemA
SetCursor
FlashWindow
WaitForInputIdle
EnumDesktopsA
RegisterClassExW
ChildWindowFromPoint
LoadBitmapW
CharLowerA
GetForegroundWindow
DrawTextW
UnregisterClassA
CopyImage
CreateDialogParamA
GetDlgItemInt
CopyRect
SetWindowLongW
DefDlgProcW
SetWindowTextW
EnableMenuItem
CreateDialogParamW
GetScrollPos
GetSysColor
GetMenuItemInfoA
RegisterClassA
LoadImageW
DialogBoxParamW
DefWindowProcA
GetClassInfoW
PeekMessageW
GetDC
DefFrameProcW
GetClassInfoExW
wvsprintfA
GetWindowTextLengthA
DeleteMenu
CopyIcon
SetCursorPos
SendMessageW
FindWindowW
CreatePopupMenu
ActivateKeyboardLayout
LoadCursorW
IsIconic
wvsprintfW
MessageBoxA
GetSubMenu
SetDlgItemTextA
IsWindow

gdi32

SelectClipPath
SetROP2
SetDIBits
CreateFontW
GetFontData
GetDeviceCaps
GetArcDirection
GetGraphicsMode
CloseMetaFile
SetViewportOrgEx
EnumFontFamiliesW
EnumFontFamiliesExW
ExtEscape
CreateSolidBrush
GetClipRgn
GetPaletteEntries
CreateMetaFileA
GetEnhMetaFileHeader
RemoveFontResourceW
GetICMProfileW
GetCharABCWidthsFloatA

advapi32

RegSetValueA
RegEnumValueW
RegEnumKeyW
RegFlushKey
RegDeleteKeyW
RegRestoreKeyW
RegDeleteValueA
RegQueryInfoKeyA

shell32

StrNCmpIA
StrCmpNIW
ShellExecuteW
SHBrowseForFolderW

comdlg32

PrintDlgA
GetFileTitleW
PrintDlgExA
PageSetupDlgW
ReplaceTextA
ReplaceTextW
GetSaveFileNameW
ChooseFontA
PrintDlgExW
PageSetupDlgA
LoadAlterBitmap

ole32

CoGetClassObject
GetClassFile
CoGetInstanceFromIStorage
BindMoniker
CoGetDefaultContext
OleUninitialize
CoCreateInstance
CoGetMalloc

ws2_32

WSADuplicateSocketW
send
getservbyport
WSADuplicateSocketA
accept
gethostname

winmm

mixerClose
midiInAddBuffer
PlaySound
midiInPrepareHeader
midiInGetID
mmioAscend
waveInGetNumDevs
mmioClose

winspool.drv

EnumPrintProcessorsW
EnumPrintersA
StartDocDlgA
EnumPrintProcessorsA
ConvertAnsiDevModeToUnicodeDevmode
StartPagePrinter
GetPrintProcessorDirectoryW
AddPrinterW
SetPrinterDataA

inetcomm

EssReceiptRequestDecodeEx
MimeOleParseMhtmlUrl
EssSecurityLabelEncodeEx
MimeOleGetCodePageInfo
MimeOleSMimeCapAddSMimeCap
MimeOleOpenFileStream
MimeOleSMimeCapGetEncAlg
MimeEditDocumentFromStream

oledlg

OleUIObjectPropertiesA
OleUIEditLinksW
OleUIInsertObjectA
OleUIPasteSpecialA
OleUIChangeSourceA
OleUIBusyW
OleUIChangeIconW
OleUIInsertObjectW

wsock32

WSAStartup
GetNameByTypeW
WSASetBlockingHook
EnumProtocolsA
htons
WSAStartup
select
send

Sections

.rdata
Size: 1KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 22KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0f41bd5de82cbb844f692b48ffd09bd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comdlg32

ole32

ws2_32

winmm

winspool.drv

inetcomm

oledlg

wsock32

Sections

.rdata Size: 1KB - Virtual size: 26KB

.edata Size: 1024B - Virtual size: 7KB

.rdata Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.edata Size: 1024B - Virtual size: 22KB

.edata Size: 1KB - Virtual size: 17KB

.rdata Size: 1024B - Virtual size: 4KB

.edata Size: 1KB - Virtual size: 12KB

.data Size: 12KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 6KB

.edata Size: 1KB - Virtual size: 15KB

.rsrc Size: 171KB - Virtual size: 171KB

.reloc Size: 1024B - Virtual size: 36KB

.rdata
Size: 1KB - Virtual size: 26KB

.edata
Size: 1024B - Virtual size: 7KB

.rdata
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.edata
Size: 1024B - Virtual size: 22KB

.edata
Size: 1KB - Virtual size: 17KB

.rdata
Size: 1024B - Virtual size: 4KB

.edata
Size: 1KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 6KB

.edata
Size: 1KB - Virtual size: 15KB

.rsrc
Size: 171KB - Virtual size: 171KB

.reloc
Size: 1024B - Virtual size: 36KB