1bc0b12f04e401fe4529c7c76a3021fd

Sharing

Copy URL Twitter E-mail

General

Target

1bc0b12f04e401fe4529c7c76a3021fd
Size

205KB
MD5

1bc0b12f04e401fe4529c7c76a3021fd
SHA1

e78c48c8525f28bcef73aa9fe510f69abaa2eaea
SHA256

e316728eeeb6ed8426f87f4f70114d11743d1290b64a3d2df5b8ffac421887b3
SHA512

c05e6dec26a60b9ccb1ec8a00a64be14903748e2a6ee5de439e13cca5f84ceda84deeb57fc8426716965ed601af15759b2e6fb722206612bb50dabcd5dba1eea
SSDEEP

3072:0udlDcmP9IH7JaMWpdJFgtdsE23PlSPkpUQapN31G1WP7Pv41Sf7UTjDpevY:ghH1aMWposE0NSn3pOqWC7KpEY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bc0b12f04e401fe4529c7c76a3021fd

Files

1bc0b12f04e401fe4529c7c76a3021fd
.exe windows:4 windows x86 arch:x86

a9ff11881b6a9af0fc8dcf6fff096801

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCurrentProcess
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
TerminateProcess
HeapAlloc
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
LocalAlloc
FormatMessageA
LocalFree
MultiByteToWideChar
GetLastError
GetTempPathA
GetTempFileNameA
GetFileSize
ReadFile
GlobalUnlock
GetVersionExA
GetWindowsDirectoryA
GetSystemDirectoryA
GetFileAttributesA
CreateDirectoryA
CreateFileA
GetFileTime
CompareFileTime
WriteFile
SetFileTime
CopyFileA
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
UnhandledExceptionFilter
SetFilePointer
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SizeofResource
CreateThread
CloseHandle
GetCurrentThread
SetThreadPriority
FindResourceA
LoadResource
LockResource
GetCPInfo
FlushFileBuffers

user32

TranslateMessage
CreateWindowExA
RegisterClassExA
LoadCursorA
DispatchMessageA
ShowWindow
GetMessageA
wsprintfA
UpdateWindow
DialogBoxParamA
ExitWindowsEx
SetWindowTextA
EnableWindow
MessageBoxA
MessageBeep
SendMessageA
EndDialog
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
PostMessageA
GetDC
ReleaseDC
KillTimer
PostQuitMessage
GetClientRect
SetTimer
BeginPaint
EndPaint
DefWindowProcA
LoadIconA

gdi32

LineTo
CreatePen
SetBkColor
GetTextExtentPoint32A
SetTextColor
SetBkMode
TextOutA
DeleteObject
CreateFontA
CreateSolidBrush
MoveToEx
SelectObject

advapi32

OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
StartServiceA
OpenSCManagerA
OpenServiceA
ControlService
CloseServiceHandle
CreateServiceA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
ImpersonateSelf

shell32

SHGetPathFromIDListA
ShellExecuteA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

lz32

LZOpenFileA
LZClose
LZCopy

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9ff11881b6a9af0fc8dcf6fff096801

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

version

lz32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 13KB - Virtual size: 19KB

.rsrc Size: 3.8MB - Virtual size: 3.8MB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 13KB - Virtual size: 19KB

.rsrc
Size: 3.8MB - Virtual size: 3.8MB