a26f0a2da63a838161a7d335aaa5e4b314a232acc15dcabdb6f6dbec63cda642

Sharing

Copy URL

Twitter E-mail

General

Target

a26f0a2da63a838161a7d335aaa5e4b314a232acc15dcabdb6f6dbec63cda642
Size

1.9MB
MD5

f7f679420671b7e18677831d4d276277
SHA1

1cb6a93e6d2d86d3479a1ea59f7d5b258f1c5c53
SHA256

a26f0a2da63a838161a7d335aaa5e4b314a232acc15dcabdb6f6dbec63cda642
SHA512

d1254926a171a7ad0588a16cfbd30a039b92aa082b1b32f38b028f745cbf34143ffa0738a97f22946a78fe16baf5b1ac2eb2205093e873438f30a6a0731d9ba7
SSDEEP

49152:NW9uVTc0/UrZUAT+x0L9/T9YDlXljktz4Q7NNJaaArzLGWBDF/y5QeK:Xc1rZD+mtTOxXlzF/y5zK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a26f0a2da63a838161a7d335aaa5e4b314a232acc15dcabdb6f6dbec63cda642

Files

a26f0a2da63a838161a7d335aaa5e4b314a232acc15dcabdb6f6dbec63cda642
.exe windows:0 windows x64 arch:x64

b3b7ad6f2170dcc432067867d73f9aed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

CreateStatusWindow
CreateToolbarEx
DPA_GetPtr
ImageList_GetImageCount
ImageList_LoadImage
ImageList_Read

comdlg32

ReplaceTextA

gdi32

AngleArc
CancelDC
CreatePen
DdQueryVisRgnUniqueness
EngCheckAbort
FontIsLinked
GdiCreateLocalEnhMetaFile
GdiEntry12
GdiGetSpoolFileHandle
GdiValidateHandle
GetEnhMetaFileHeader
GetObjectA
ResizePalette
ScaleViewportExtEx

kernel32

AddConsoleAliasW
ApplicationRecoveryFinished
CompareFileTime
CreateProcessInternalA
CreateSymbolicLinkTransactedW
CreateThreadpoolCleanupGroup
CreateThreadpoolTimer
DeleteBoundaryDescriptor
EnumSystemLanguageGroupsW
EnumTimeFormatsW
FindFirstVolumeW
GetAtomNameA
GetCalendarDifferenceInDays
GetCalendarInfoW
GetConsoleProcessList
GetDateFormatA
GetFileInformationByHandle
GetMaximumProcessorCount
GetProcAddress
GetProcessorSystemCycleTime
GetProfileStringA
GetTapeParameters
GetThreadContext
GetThreadUILanguage
LZOpenFileW
LoadLibraryA
LocalLock
LocalReAlloc
LocateXStateFeature
OpenJobObjectW
SetComPlusPackageInstallStatus
SetFileIoOverlappedRange
SetFileValidData
SetProcessDEPPolicy
SetThreadStackGuarantee
SetThreadpoolThreadMaximum
StartThreadpoolIo
VerifyVersionInfoW
VirtualQueryEx
WaitForMultipleObjects

msvcrt

clock
cosh
free
iswalnum
malloc
memcpy
memset
perror
remove
strncmp
_wcslwr
_wcsrev
_getpid
_chsize

ole32

CoGetCallContext
CoGetCurrentProcess
CoReleaseMarshalData
CoRetireServer
HMENU_UserUnmarshal
ObjectStublessClient19
OleBuildVersion
OleCreateLinkEx
OleSetMenuDescriptor
SetErrorInfo

user32

AdjustWindowRectEx
ArrangeIconicWindows
BringWindowToTop
CharLowerW
CharNextExA
CreateIconFromResourceEx
DefMDIChildProcA
DefWindowProcA
DisplayConfigGetDeviceInfo
DrawTextW
EndPaint
FindWindowW
GetClassInfoExW
GetClassWord
GetMenuItemInfoW
GetMonitorInfoW
GetUpdateRgn
GetWindowModuleFileNameW
GhostWindowFromHungWindow
IsCharAlphaA
MonitorFromWindow
OpenIcon
RegisterServicesProcess
RegisterTasklist
SetCapture
SetForegroundWindow
TranslateMDISysAccel
UnregisterSessionPort
UserLpkPSMTextOut

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 655KB - Virtual size: 654KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3b7ad6f2170dcc432067867d73f9aed

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

comdlg32

gdi32

kernel32

msvcrt

ole32

user32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 176KB - Virtual size: 176KB

.rdata Size: 655KB - Virtual size: 654KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 176KB - Virtual size: 176KB

.rdata
Size: 655KB - Virtual size: 654KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 7KB