a044e30cc355d670a4569acc514727d542208314fae1661078de74488b773250N

Sharing

Copy URL

Twitter E-mail

General

Target

a044e30cc355d670a4569acc514727d542208314fae1661078de74488b773250N
Size

88KB
MD5

e23a0d89d28120d422aee773d2c0c1d0
SHA1

79c99a3cc10a81fb076dbff8ce93ff69e4fc91c7
SHA256

a044e30cc355d670a4569acc514727d542208314fae1661078de74488b773250
SHA512

cfbcb80d6341cc1f7436084fccd914dfc340514d2fcb2ee4cc017dacc1fb324365bf105722eb68991b204231f24a1abfc67b9592b93bbfc31cab27bb420820a0
SSDEEP

1536:IvfMfq3nj3PtT6sG5JeMfInia4Pd87JlnhoxhGJP9rsewR3wwSyRko:IvfMST1m0sbBPdyJl6jo9rrwg1yRko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a044e30cc355d670a4569acc514727d542208314fae1661078de74488b773250N

Files

a044e30cc355d670a4569acc514727d542208314fae1661078de74488b773250N
.exe windows:4 windows x86 arch:x86

a3fde73fb3dd973bd38732b798b26371

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
FreeLibrary
CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
lstrcatA
lstrcpyA
lstrcpynA
lstrcmpA
lstrlenA
GetComputerNameA
GetLogicalDriveStringsA
GetLastError
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
DeleteFileA
Sleep
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
ReadFile
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
SetEndOfFile
FlushFileBuffers
VirtualAlloc
VirtualFree
GetVersion
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetSystemDirectoryA
GetCurrentDirectoryA
GetTickCount
SetFileAttributesA
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
SetFilePointer
GetCurrentProcess
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
HeapAlloc
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate

user32

OpenClipboard
GetClipboardData
GetForegroundWindow
GetWindowTextA
GetAsyncKeyState
GetKeyState
wsprintfA
IsCharAlphaNumericA
MessageBoxA
PostQuitMessage
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
SetTimer
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
CloseClipboard

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegSetValueA
RegCreateKeyA
RegSetValueExA

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3fde73fb3dd973bd38732b798b26371

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 66KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 66KB

.rsrc
Size: 4KB - Virtual size: 2KB