1f0e88345612cfa3fb0bbb364a021c08f4d5cdb4a4cdb1deaba883f2e137f087

General

Target

1f0e88345612cfa3fb0bbb364a021c08f4d5cdb4a4cdb1deaba883f2e137f087
Size

14.6MB
MD5

48b05c61e33df8d307c2711eb5cfb06b
SHA1

cfcdbbedef796e86c965a94ed18d23e5f0903c6c
SHA256

1f0e88345612cfa3fb0bbb364a021c08f4d5cdb4a4cdb1deaba883f2e137f087
SHA512

deaa1b49578a3612673d7e3e697f4d3b08211dfadc1f14999fe119b869d9b12d96d71e3f646c3b97d2a05d618bdde770288fc5eab0941268ff492494b2bd5263
SSDEEP

3072:9XS2oAKtZZy2m4zRwhIuGi9Pf2AG/7999999999999999999999999999999999D:9X7KtDyv4lwh7S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f0e88345612cfa3fb0bbb364a021c08f4d5cdb4a4cdb1deaba883f2e137f087

Files

1f0e88345612cfa3fb0bbb364a021c08f4d5cdb4a4cdb1deaba883f2e137f087
.exe windows:5 windows x86

cb4b60e344b456b876756611bf85d8b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocalTime
EnterCriticalSection
GetTickCount
HeapReAlloc
OpenFileMappingA
lstrlenW
WaitNamedPipeA
OpenWaitableTimerA
CreateMutexA
TlsGetValue
lstrlenW
GetProcAddress
CreateFileMappingA
GetStartupInfoW
WriteFile
GetModuleHandleA
DeleteFileW
GetStringTypeW
LoadLibraryExW
LoadLibraryW
lstrlenW
GetVersionExW

user32

LoadMenuW
InsertMenuW
GetDlgItemTextW
IsDialogMessageW
GetPropA
DispatchMessageA
IsCharLowerA
PeekMessageA
LoadIconW
GetClassLongA

rsaenh

CPDeriveKey
CPCreateHash
CPEncrypt
CPDecrypt

crypt32

CryptFindOIDInfo
CryptMemAlloc
CertOIDToAlgId
CertFreeCRLContext
CertDuplicateCTLContext
CertSaveStore
CertDeleteCRLFromStore
CertControlStore
CertNameToStrW
CryptHashMessage
CertFindAttribute
CryptMemFree
CertCreateCTLContext
CertCreateContext
CertGetNameStringW
CertDuplicateStore
CryptMemRealloc

cmpbk32

PhoneBookFreeFilter
PhoneBookCopyFilter

modemui

InvokeControlPanel
drvSetDefaultCommConfigA

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Init_Detection

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_MEM_READ

.ydata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14.5MB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb4b60e344b456b876756611bf85d8b3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

rsaenh

crypt32

cmpbk32

modemui

cfgmgr32

Sections

.text Size: 96KB - Virtual size: 95KB

.jdata Size: 11KB - Virtual size: 11KB

.ydata Size: 1024B - Virtual size: 704B

.rsrc Size: 14.5MB - Virtual size: 1KB

.text
Size: 96KB - Virtual size: 95KB

.jdata
Size: 11KB - Virtual size: 11KB

.ydata
Size: 1024B - Virtual size: 704B

.rsrc
Size: 14.5MB - Virtual size: 1KB