1e5f88e500b3113ef0a5e1baebcfaee1

Sharing

Copy URL

Twitter E-mail

General

Target

1e5f88e500b3113ef0a5e1baebcfaee1
Size

508KB
MD5

1e5f88e500b3113ef0a5e1baebcfaee1
SHA1

70ea74277caa41f553737c051b8ed4b41501766a
SHA256

39d18f92872df89d0cf2d81fb3a3ecd3082369ba9e4e26e433e42e73dce31f38
SHA512

53dbbb00b3ae0189345154ea4dc504ae0ecd612da5c9a8da1028d14e7667aabb47f63cfc95ef263595e906db2fd64b1882a775a1d4778de008e235387e6ae51b
SSDEEP

12288:ak24iYyaG2yK/CzJI/zaBeQVJbxPl4JEsNfpIs0:ak2nY+DzJuzas8FBeg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e5f88e500b3113ef0a5e1baebcfaee1

Files

1e5f88e500b3113ef0a5e1baebcfaee1
.exe windows:4 windows x86 arch:x86

07446f18bb1de38c7c09a5bd503e291a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
CloseHandle
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
FindNextFileW
LCMapStringA
GetConsoleCP
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
DuplicateHandle
CompareStringA
GlobalFree
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
GetACP
InterlockedIncrement
GetCurrentThreadId
GetLocaleInfoA
VirtualQuery
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetEnvironmentVariableA
GetExitCodeProcess
FormatMessageW
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
lstrcmpiA
GetCPInfo
SetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
LoadLibraryExW
LocalAlloc
GetConsoleMode
GetCurrentDirectoryA
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetModuleHandleW
GetEnvironmentStrings
TlsGetValue
HeapCreate
WriteFile
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
WriteConsoleW
ResetEvent

user32

GetParent
GetMessageA
DestroyWindow
GetClientRect
GetDC
EndPaint
IsWindow
SetWindowPos
PostQuitMessage
SetForegroundWindow
UpdateWindow
LoadCursorA
LoadIconA
GetDesktopWindow
GetFocus
MessageBoxA
GetSysColor
IsWindowVisible
wsprintfA
InvalidateRect
SendMessageA
SetCursor
FillRect
DefWindowProcA
ShowWindow
EnableWindow
TranslateMessage
PeekMessageA
IsWindowEnabled
EnableMenuItem
RegisterClassA
GetSubMenu
SetTimer
DispatchMessageA
SetFocus
GetSystemMetrics
GetWindowRect
ReleaseCapture
SetWindowLongA
SetWindowTextA
CheckMenuItem
GetWindowLongA
CreateWindowExA
GetDlgItem

gdi32

CreateCompatibleDC
SetBkColor
SelectObject
CreateFontIndirectA
SetTextColor
CreateCompatibleBitmap
CreateSolidBrush

advapi32

RegQueryValueExW
RegCloseKey

oleaut32

VariantInit
SysFreeString
SysStringLen
VariantClear
SysAllocString

msvcrt

_strcmpi
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
exit
_controlfp

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07446f18bb1de38c7c09a5bd503e291a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

msvcrt

Sections

.text Size: 296KB - Virtual size: 293KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 140KB - Virtual size: 139KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 296KB - Virtual size: 293KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 140KB - Virtual size: 139KB

.rsrc
Size: 4KB - Virtual size: 3KB