1b5a82bc4dd86e8ab344e74244a01550

General

Target

1b5a82bc4dd86e8ab344e74244a01550
Size

3.4MB
MD5

1b5a82bc4dd86e8ab344e74244a01550
SHA1

0ff9b0e1c155eba71c861768a78341d4b43fda79
SHA256

a3b95fc8c094f2b1d7fa3a5d9bc2f46cb3bb044370e1f7a6e8778ab8cbec6c6a
SHA512

bd53906f2ad09548a465d006877698cde38ceadc375a46296237891d4bfdeeaaa63bc6e7dfee07f615cb542c4476314550e0b9869384cb6a510d2cc6af955beb
SSDEEP

98304:GawkD8wfpUpp9Wo69dKKx0HnzEWyJv0DeqMqWz:GawDwupz7Kx0pyF0R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b5a82bc4dd86e8ab344e74244a01550

Files

1b5a82bc4dd86e8ab344e74244a01550
.exe windows:4 windows x86 arch:x86

adcd0b6fa3d3efda1731afcdb4df8dda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
TerminateProcess
Sleep
GetTickCount
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
SetLastError
HeapAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
GetModuleFileNameW
GetStdHandle
IsDebuggerPresent
ReadFile
GetACP
FormatMessageW
GetModuleHandleA
InitializeCriticalSection
GetConsoleMode
TlsSetValue
LoadLibraryW
LoadLibraryExW
CreateThread
GetCPInfo
TlsFree
SetFilePointer
GetFileAttributesW
RtlUnwind
LCMapStringW
GetModuleFileNameA
GetOEMCP
SetStdHandle
FreeEnvironmentStringsW
IsProcessorFeaturePresent
FindNextFileW
IsValidCodePage
FindFirstFileW
GetConsoleCP
ReleaseMutex
CreateFileA
GetFileSize
EncodePointer
lstrlenW
LoadLibraryA
CreateDirectoryW
GetFullPathNameW
LoadResource

user32

TranslateMessage
DefWindowProcW
SetWindowLongW
GetWindowLongW
GetMessageW
GetDC
PostMessageW
GetClientRect
SetWindowPos
LoadCursorW
SetTimer
LoadIconW
SetFocus
SetForegroundWindow
GetSysColor
PeekMessageW
EndPaint
ScreenToClient
KillTimer
RegisterClassW
UpdateWindow
SystemParametersInfoW
CharUpperW
ClientToScreen

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adcd0b6fa3d3efda1731afcdb4df8dda

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: - Virtual size: 612KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.idata
Size: 2KB - Virtual size: 1KB