1f48f1e4e050b269b138dbe1b216485e620d10152eecb4d1b15afa02b9b08760

Sharing

Copy URL

Twitter E-mail

General

Target

1f48f1e4e050b269b138dbe1b216485e620d10152eecb4d1b15afa02b9b08760
Size

2.8MB
MD5

20266138a698130cdd6981b93066f618
SHA1

d5e12043a73dae56ce2f0cc2973da115285c4b9b
SHA256

1f48f1e4e050b269b138dbe1b216485e620d10152eecb4d1b15afa02b9b08760
SHA512

5c1735c5d16d3e3fc948cea405468defd2154f581680e8d3a31c12bc03f2509112a69d2c55015b1707098412acaf9b639921c34154522fafb3eb3273c6e35e5e
SSDEEP

49152:/kBzAFC6qKw/JCo55qO1GuzCHvC1DCRxKAILUoAnkqzrlSeI1EbP9:/iAFHqKWCo5wOkHHvCCMASzqSefV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f48f1e4e050b269b138dbe1b216485e620d10152eecb4d1b15afa02b9b08760

Files

1f48f1e4e050b269b138dbe1b216485e620d10152eecb4d1b15afa02b9b08760
.dll windows:5 windows x86

dd78261cd31824f61cf2054f37fe917d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lz32

LZRead
LZClose
LZCopy
LZInit

gdi32

SetBitmapDimensionEx
SetColorSpace
SetICMMode
GetRgnBox
CreateEllipticRgn
SetViewportOrgEx

mprapi

MprAdminTransportSetInfo

kernel32

InitializeCriticalSectionAndSpinCount
GetProcessAffinityMask
GetExitCodeProcess
Process32FirstW
GetSystemTimeAsFileTime
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
VerLanguageNameA
DeleteCriticalSection
InterlockedPushEntrySList
VirtualAlloc
GetProcessHeap
OutputDebugStringA
CloseHandle
GetModuleFileNameW
GetBinaryTypeW
SetCommBreak
AssignProcessToJobObject
SetConsoleCursorInfo
SetProcessWorkingSetSize
WaitForSingleObjectEx
CancelIo
SetUserGeoID
GetCommModemStatus

setupapi

SetupDiDestroyDeviceInfoList

advapi32

CryptAcquireContextA
RegDeleteValueW
LockServiceDatabase

shell32

Shell_NotifyIconA

user32

GetMessageA
AnyPopup
VkKeyScanW
UpdateWindow
IsChild
GetUpdateRgn
EndPaint
AttachThreadInput
UnhookWinEvent
EndDialog
EmptyClipboard
GetMenuItemCount
ShowWindow
GetKBCodePage

oleaut32

SysAllocStringLen
GetErrorInfo

msvcrt

memset
putc

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd78261cd31824f61cf2054f37fe917d

Headers

File Characteristics

Imports

lz32

gdi32

mprapi

kernel32

setupapi

advapi32

shell32

user32

oleaut32

msvcrt

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 2.6MB - Virtual size: 2.6MB

.data Size: 100KB - Virtual size: 101KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 56KB - Virtual size: 52KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 2.6MB - Virtual size: 2.6MB

.data
Size: 100KB - Virtual size: 101KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 56KB - Virtual size: 52KB