1cc04c3436860cfd70277fef1c30a8cf013334a63955931f9ff03706306c8a70

Sharing

Copy URL Twitter E-mail

General

Target

1cc04c3436860cfd70277fef1c30a8cf013334a63955931f9ff03706306c8a70
Size

11.9MB
MD5

c2574aae5805c36dc3d85e36b2096487
SHA1

c5162ed970ebe6486c08114b8ac04a25119e952a
SHA256

1cc04c3436860cfd70277fef1c30a8cf013334a63955931f9ff03706306c8a70
SHA512

70cba02e5cf740f7867ff398b4f0f24f003733f8910aa891239c494bb31f99805f8133294bb024b5e48cafc617f21d02377dd7a148cf46a8ab0b91b9c7c16dc5
SSDEEP

196608:tnudKG+Z8Y7om/6vpyR5mdI26gBQVtSkGGZG0sWsfdqFcHJ6kifaHS0qwSqg0XG0:tnVGlComoyziI2VQukQ0sjH6yHS0TSYv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1cc04c3436860cfd70277fef1c30a8cf013334a63955931f9ff03706306c8a70

Files

1cc04c3436860cfd70277fef1c30a8cf013334a63955931f9ff03706306c8a70
.dll windows:5 windows x86

e5ada077e6eb051ac39e10d78643e3f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetWindowTextA
CharUpperBuffW

advapi32

RegQueryValueExA

shell32

SHAppBarMessage

ole32

CoUninitialize

ws2_32

WSAStartup

gdiplus

GdiplusShutdown

shlwapi

PathFileExistsA

gdi32

GetStockObject

msvcrt

atof

Exports

Exports

GetClassObject
ȡָ��ı�_

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vm0
Size: - Virtual size: 8.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vm1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vm2
Size: 11.9MB - Virtual size: 11.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5ada077e6eb051ac39e10d78643e3f9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

ws2_32

gdiplus

shlwapi

gdi32

msvcrt

Exports

Exports

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 8KB

.data Size: - Virtual size: 780KB

.vm0 Size: - Virtual size: 8.3MB

.vm1 Size: 4KB - Virtual size: 1KB

.vm2 Size: 11.9MB - Virtual size: 11.9MB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 816B

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 8KB

.data
Size: - Virtual size: 780KB

.vm0
Size: - Virtual size: 8.3MB

.vm1
Size: 4KB - Virtual size: 1KB

.vm2
Size: 11.9MB - Virtual size: 11.9MB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 816B