Static task: static1
Behavioral task: behavioral1
Sample: d1a4bc20ff8396c369a844b183a06e00_exe32.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: d1a4bc20ff8396c369a844b183a06e00_exe32.exe
Resource: win10v2004-20230915-en
General
Target: d1a4bc20ff8396c369a844b183a06e00_exe32.exe
Size: 212KB
MD5: d1a4bc20ff8396c369a844b183a06e00
SHA1: 3691cf7c887ffcfe256c30f08f96063de78c8005
SHA256: fd028fb0ee4948b750b428b414519d1b59fedcdcd3c508064ef5e150cf4e6439
SHA512: 442bcef9e896fc7c323adb0b97e68fb13496f0ecffc9cd6abfa1f24b5db80902667182f0530621759c64c8ca1d9fbec0315349b5545892803239a5e8f58f097f
SSDEEP: 3072:av/IL44frgyGGqB/QH1VdzDu43d/9gCOuMHCV+yXSD7ihxrG/AIqfc6KpYffLT:8AU40GqVQV9tirCVcXinG/Af0ZSffL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d1a4bc20ff8396c369a844b183a06e00_exe32.exe
Files
d1a4bc20ff8396c369a844b183a06e00_exe32.exe.exe windows:4 windows x86
fc2348e5cba0fcca8012f922614733e8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetActiveWindow
SubtractRect
DialogBoxParamA
EqualRect
ToAscii
DialogBoxIndirectParamA
AttachThreadInput
GetClassInfoExA
GetClipboardFormatNameA
GetClipboardOwner
OemKeyScan
SetKeyboardState
GetKeyState
SetDoubleClickTime
DdePostAdvise
GetMessageA
GetMessageTime
DdeAbandonTransaction
DdeFreeDataHandle
GetSysColor
LoadAcceleratorsA
SetWinEventHook
ClipCursor
CreateMenu
msvcrt
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_open
__p__commode
__p__fmode
__set_app_type
_controlfp
_exit
_adjust_fdiv
_c_exit
lz32
LZSeek
LZStart
LZDone
version
GetFileVersionInfoW
kernel32
GetStartupInfoA
GetModuleHandleA
GetSystemDirectoryW
GetPrivateProfileIntW
GlobalUnfix
GetPrivateProfileSectionNamesW
GlobalDeleteAtom
GetCurrentThread
HeapAlloc
ConnectNamedPipe
GetStdHandle
GetLongPathNameA
advapi32
LsaEnumerateTrustedDomains
RegOpenKeyA
LsaQueryTrustedDomainInfo
LsaLookupSids
DecryptFileA
LsaSetInformationPolicy
RegOverridePredefKey
LsaDeleteTrustedDomain
ReadEventLogA
LsaQueryInformationPolicy
LogonUserA
LsaEnumerateAccountRights
ObjectOpenAuditAlarmA
comctl32
PropertySheetW
ord13
ImageList_Merge
ord14
ord17
InitializeFlatSB
ImageList_DragLeave
ImageList_BeginDrag
FlatSB_EnableScrollBar
ImageList_GetIconSize
FlatSB_SetScrollRange
ImageList_Copy
FlatSB_SetScrollProp
ImageList_Create
ImageList_DragEnter
DestroyPropertySheetPage
ord5
FlatSB_GetScrollPos
ImageList_AddMasked
CreatePropertySheetPageA
FlatSB_SetScrollPos
ImageList_Destroy
FlatSB_GetScrollInfo
ImageList_GetImageCount
ImageList_GetImageInfo
CreatePropertySheetPageW
ImageList_DragMove
ImageList_DragShowNolock
Sections
.text Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 160KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ