1f68de6782d3d28b0ee263c5796ba96fc4024032d72eccce816c4e5c5b3161c1

Sharing

Copy URL Twitter E-mail

General

Target

1f68de6782d3d28b0ee263c5796ba96fc4024032d72eccce816c4e5c5b3161c1
Size

312KB
MD5

8e98e279121cf7621ee708efdc8d1ddc
SHA1

8e5ca6f78fc7ac9fef34b1bda278aab39dc7ef2c
SHA256

1f68de6782d3d28b0ee263c5796ba96fc4024032d72eccce816c4e5c5b3161c1
SHA512

56305cd9a588f6d74402477115103f856e7668b8f5f997dcb1014884de11a8e4c3ebb74127ec0cab1565f879c6d22cd2ebc2c31fdc0693b1d0b575a855a3e092
SSDEEP

6144:iT+yNR5UrrQzuSMsoIE38RvvYLyH/rhcM9Ua8YLC39VQKgb5WrZa:nyNXU/QmIE38RvvNTKQ7C39yKgb5W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f68de6782d3d28b0ee263c5796ba96fc4024032d72eccce816c4e5c5b3161c1

Files

1f68de6782d3d28b0ee263c5796ba96fc4024032d72eccce816c4e5c5b3161c1
.exe windows:4 windows x86

af149e51499bf8892a701b93f1faf50c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
CopyFileA
PeekNamedPipe
TlsSetValue
SetFilePointerEx
QueryPerformanceFrequency
EnumCalendarInfoA
CreateFileW
InterlockedPushEntrySList
UnhandledExceptionFilter
FreeConsole
FreeLibrary
IsDebuggerPresent
CreateDirectoryA
EnumResourceLanguagesW
HeapValidate
DuplicateHandle
OutputDebugStringW
AreFileApisANSI
GetEnvironmentVariableW
GetProcessVersion
EnterCriticalSection
ConvertDefaultLocale
GetModuleHandleExW
ReadProcessMemory
MoveFileExA
GetBinaryTypeA
OpenMutexA
IsValidLocale
GetDriveTypeA
SetConsoleCursorPosition
SetEnvironmentVariableW
TlsGetValue
TransactNamedPipe
GetFullPathNameW
FindClose
GetSystemDirectoryW
GetSystemDefaultUILanguage
CreateActCtxW
TlsAlloc
GetLargestConsoleWindowSize
AllocConsole
SetLastError
GetShortPathNameA
HeapSize
GetFileSize
GetCurrentProcess
DeleteFileW
GetCPInfo
SetDllDirectoryW
MoveFileW
GetTimeFormatW
InterlockedExchangeAdd
SetConsoleCtrlHandler
GetPrivateProfileIntA
EnumResourceTypesW
GetThreadLocale
CloseHandle
SearchPathA
lstrlenW
IsProcessorFeaturePresent
GlobalFlags
GetUserDefaultUILanguage
CreateSemaphoreW
GlobalAddAtomW
GetTempFileNameA
GetSystemTime
FlushInstructionCache
SetHandleCount
WideCharToMultiByte
GetOverlappedResult
LeaveCriticalSection
HeapQueryInformation
SetFileAttributesA
IsDBCSLeadByteEx
IsBadWritePtr
ReadFile
SetSystemPowerState
VirtualQueryEx
lstrlenA
GetTempPathW
DeleteVolumeMountPointA
GetPrivateProfileStringA
OpenEventA
SetFileTime
GetFileType
SuspendThread
InterlockedPopEntrySList
OpenMutexW
HeapCreate
VirtualProtect
GlobalMemoryStatus
GetThreadContext
ReleaseActCtx
GetSystemInfo
WaitForMultipleObjects
UnmapViewOfFile
GetVolumeInformationW
SetStdHandle
GetTempPathA
GetVersion
GetVersionExW
GetLocaleInfoA
GetSystemDirectoryA
WaitForSingleObject
SetFileAttributesW
GetStdHandle
CompareFileTime
IsBadStringPtrA
FindResourceExW
InterlockedCompareExchange
GetConsoleOutputCP
GetTimeFormatA

user32

GetPropA
LoadCursorA
LoadMenuW
GetAncestor
PtInRect
SendDlgItemMessageA
WaitForInputIdle
SetSystemMenu
GetDC
GetMenuStringA
DefDlgProcA
DisplayExitWindowsWarnings
CreateDialogParamW
TranslateAccelerator
SetInternalWindowPos
GetSysColor
SetUserObjectSecurity
GetAltTabInfo

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af149e51499bf8892a701b93f1faf50c

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 240KB - Virtual size: 239KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 25KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 240KB - Virtual size: 239KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 25KB

.rsrc
Size: 40KB - Virtual size: 40KB