1bf36d2d225f57ecae2519b316f873bbae09ae476632162f955ab66e05e4b941

Sharing

Copy URL Twitter E-mail

General

Target

1bf36d2d225f57ecae2519b316f873bbae09ae476632162f955ab66e05e4b941
Size

259KB
MD5

e76fd22c04e4dbeb1bb5b98e58064823
SHA1

a1debefab344cf16474bba8191ef9c3e2cc81f36
SHA256

1bf36d2d225f57ecae2519b316f873bbae09ae476632162f955ab66e05e4b941
SHA512

8651431f0b0099c8023c682cb870f3866fd8cce8a6cf3f48f840f88119d2f687f06ef07e24f2a8a3f69ea762fa83b0432df41fdaac2a81b7cd30ab774543ac11
SSDEEP

6144:O1OtKqJjWv0SSRlzZbNS9VXYg8dfU2pq:O1+Kqde0pRlzB0/2p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bf36d2d225f57ecae2519b316f873bbae09ae476632162f955ab66e05e4b941

Files

1bf36d2d225f57ecae2519b316f873bbae09ae476632162f955ab66e05e4b941
.exe windows:6 windows x86

15c63fbc6b65e811380e17e32a426419

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MakeSureDirectoryPathExists

kernel32

GetStringTypeW
SetEndOfFile
GetModuleFileNameW
SetDllDirectoryW
HeapSize
RaiseException
GetLastError
GetSystemInfo
VirtualProtect
VirtualQuery
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryExA
QueryPerformanceCounter
QueryPerformanceFrequency
CloseHandle
Sleep
GetCurrentThreadId
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringEx
WriteConsoleW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
GetConsoleOutputCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
ReadFile
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetProcessHeap
CreateFileW

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15c63fbc6b65e811380e17e32a426419

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

kernel32

Sections

.text Size: 195KB - Virtual size: 194KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 195KB - Virtual size: 194KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 9KB - Virtual size: 8KB