1c8129bc114462c611a529cd73eeb6986a374fd407b1d98aa8748d169e703b58

General

Target

1c8129bc114462c611a529cd73eeb6986a374fd407b1d98aa8748d169e703b58
Size

114KB
MD5

e0938bd0e6da1bec0c56edcd431179f1
SHA1

246dc04f0b2448667ee2f5cd6768cf8612bfd687
SHA256

1c8129bc114462c611a529cd73eeb6986a374fd407b1d98aa8748d169e703b58
SHA512

9512bef1498783c789ae963327cc120cb9c71b827d6d9eb177ac84c574b3d445bb9c08870b08c16469b5be390419710da466064656846a85328cd7734e28d5c4
SSDEEP

1536:kSrE25Nxj8wSbAeUzNgROYJu6hkJPD8UeS2ACC9Lxr7udWlH4f8wSD:DrRjQUzNeJkJQMD9lrC44f6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c8129bc114462c611a529cd73eeb6986a374fd407b1d98aa8748d169e703b58

Files

1c8129bc114462c611a529cd73eeb6986a374fd407b1d98aa8748d169e703b58
.exe windows:5 windows x86

6e610c05388ce84123d90086ecb30c0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rsaenh

CPGenKey
CPDeriveKey
CPDecrypt
CPCreateHash
CPEncrypt

crypt32

CryptFindOIDInfo
CryptEnumOIDInfo
CertDeleteCRLFromStore
CertFindAttribute
CertFindExtension
CertOpenStore
CertCreateContext
CertFreeCRLContext
CertCreateCTLContext
CertNameToStrA
CertDuplicateStore
CertGetNameStringA

kernel32

GetModuleHandleA
GetStartupInfoA
GetSystemDirectoryW
LoadLibraryA
GetStringTypeA
GetCurrentProcess
lstrcmp
CreateFileW
CreateFileMappingA
lstrcmp
HeapReAlloc
OpenFileMappingW
FindFirstFileA
OpenEventA
OpenJobObjectA
GetTickCount
CreateMutexA
GetProcAddress
SearchPathW
lstrcmp
LoadLibraryExA

advapi32

RegCreateKeyExA
IsValidAcl
RegEnumKeyW
RegDeleteValueW
RegRestoreKeyW
RegLoadKeyW
RegReplaceKeyA
ReadEventLogW
CryptSignHashA
RegOpenKeyW
RegUnLoadKeyA
InitializeAcl
OpenEventLogW
RegSaveKeyA

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.udata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e610c05388ce84123d90086ecb30c0d

Headers

DLL Characteristics

File Characteristics

Imports

rsaenh

crypt32

kernel32

advapi32

Sections

.text Size: 102KB - Virtual size: 102KB

.udata Size: 8KB - Virtual size: 7KB

.qdata Size: 1024B - Virtual size: 708B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 102KB - Virtual size: 102KB

.udata
Size: 8KB - Virtual size: 7KB

.qdata
Size: 1024B - Virtual size: 708B

.rsrc
Size: 1KB - Virtual size: 1KB