1b6fd7f63d98ce064350726e716a987f

General

Target

1b6fd7f63d98ce064350726e716a987f
Size

3.4MB
MD5

1b6fd7f63d98ce064350726e716a987f
SHA1

eb77826fc33034c1c99bee1ce4c2db59d331bfae
SHA256

68cba30430260fe568f7dd84405468d74fe5ab6e8f7ebc92c833ee280d47801c
SHA512

edb7d9a1cf3651621a1cd536e67f66777cd7e0b80764b5fb45fd7f7d3e6f2496c5a212c05f701550019469f85e01fa5b70218cfe59646641a305129e77644fa4
SSDEEP

98304:zPYQTV6Uogpf0yOS92AEd1bRN6IVQSv/cmmPzik:UQskf0O2Fk6izi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b6fd7f63d98ce064350726e716a987f

Files

1b6fd7f63d98ce064350726e716a987f
.exe windows:4 windows x86 arch:x86

bedaaf7d43fcd94fc097fe8ae59d2b3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetModuleHandleW
GetProcAddress
CloseHandle
Sleep
GetTickCount
SetLastError
WriteFile
WaitForSingleObject
GetStartupInfoW
IsDebuggerPresent
GetCommandLineW
ReadFile
RaiseException
SetEvent
FormatMessageW
GetFileType
TlsGetValue
InitializeCriticalSection
GetConsoleMode
TlsAlloc
LoadLibraryW
SetFilePointer
CompareStringW
RtlUnwind
LCMapStringW
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetOEMCP
SetStdHandle
FreeEnvironmentStringsW
FindFirstFileW
VirtualAlloc
GetCommandLineA
DecodePointer
GetVersionExW
ReleaseMutex
CreateFileA
GetFileSize
lstrlenW
LoadLibraryA
GetModuleHandleExW
CreateDirectoryW
UnmapViewOfFile
CreateProcessW

user32

TranslateMessage
DispatchMessageW
ShowWindow
ReleaseDC
DefWindowProcW
MessageBoxW
PostQuitMessage
GetWindowLongW
GetDlgItem
GetDC
PostMessageW
SendMessageW
SetWindowPos
IsWindow
LoadCursorW
SetWindowTextW
SetTimer
LoadIconW
SetFocus
SetForegroundWindow
GetSysColor
BeginPaint
SetCursor
RegisterClassW
EnableMenuItem
GetWindow
SystemParametersInfoW
ClientToScreen

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bedaaf7d43fcd94fc097fe8ae59d2b3c

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data Size: - Virtual size: 612KB

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 1KB