1c20070273c3f5326341574798102ff9

General

Target

1c20070273c3f5326341574798102ff9
Size

98KB
MD5

1c20070273c3f5326341574798102ff9
SHA1

0868f191201152e9d332eb1a5f98a62ebf4fe829
SHA256

e1ee25ce933ae22d4b2ea85a7d93b7545ced1ba56c097845d0cfd944b006320f
SHA512

36616f00c4fc69c25051b941c357144fd5654dccf3755ff23ea1fe1f8c4dc9175e6fd788664ae4f734d3382119768b67bf93a8e0a5e4b899a077c99aa1d8ef90
SSDEEP

3072:Fb4+42MRThzIVvMOatCC4ksHvnRB5K6LGb:FG28Thzwu94dPA6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c20070273c3f5326341574798102ff9

Files

1c20070273c3f5326341574798102ff9
.exe windows:4 windows x86 arch:x86

0fd932bb259b5b5637bf0f064db18349

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetConsoleOutputCP
GetThreadLocale
GetOEMCP
lstrcmpiA
GetWindowsDirectoryA
GetTickCount
lstrlenW
lstrcmpA
GetCurrentProcessId
GetCurrentProcess
QueryPerformanceCounter
DeleteFileA
GetVersion
GetCurrentThreadId
GetUserDefaultLangID
GetCommandLineA
GetModuleHandleW
CopyFileA
GetModuleHandleA
MulDiv
VirtualAlloc
DeleteFileW
VirtualFree
GetDriveTypeA
lstrcmpiW
GetCurrentThread
SetCurrentDirectoryA
GlobalFindAtomA
GetStartupInfoA
GlobalFindAtomW
GetCommandLineW
RemoveDirectoryA
IsDebuggerPresent
RemoveDirectoryW
ExitProcess
GetProcessHeap

user32

GetParent
TranslateMessage
CharNextA
GetSystemMetrics
GetDesktopWindow
GetDC

gdi32

CreateCompatibleDC
SetTextAlign
GetStockObject
GetPixel
CreatePalette
GetClipBox
SelectPalette
SetStretchBltMode
DeleteObject
CreateFontIndirectA
GetTextMetricsA
RectVisible
RestoreDC
SelectObject
SetMapMode
GetObjectA
CreatePen
SetTextColor
GetDeviceCaps
CreateSolidBrush
LineTo
DeleteDC
GetNearestPaletteIndex
PatBlt
SaveDC

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0fd932bb259b5b5637bf0f064db18349

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 64KB - Virtual size: 63KB

.rsrc Size: 13KB - Virtual size: 41KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 64KB - Virtual size: 63KB

.rsrc
Size: 13KB - Virtual size: 41KB