1c22abcfcf67fdebacac307ae1fcf42d

Sharing

Copy URL Twitter E-mail

General

Target

1c22abcfcf67fdebacac307ae1fcf42d
Size

156KB
MD5

1c22abcfcf67fdebacac307ae1fcf42d
SHA1

538a948c9cd2e5c06aa33ad7a79ed2f66882217d
SHA256

cfc27099a5eac4864893d7054d751cb525d5faf93c3fb84573a89bc1a94dd731
SHA512

eb063caa79ac7f1db27e133750c6cba9e62e981f23620160f7e1ba70bb1724e3b55091ab28bd61ef3a928c189705225583fac25f111ff6fd05e1d5b7f9ac499f
SSDEEP

3072:Eq6GUg0/XQuv8cxIeMmX7rjpl+8r3Qa6:1J0Qe9/M6f1r3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c22abcfcf67fdebacac307ae1fcf42d

Files

1c22abcfcf67fdebacac307ae1fcf42d
.exe windows:4 windows x86 arch:x86

9f1133fbb4742fd17553d7de8476828b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleHandleA
Sleep
GetProcAddress
InterlockedExchange
VirtualFree
ResumeThread
GetTickCount
CloseHandle
SetEvent
SystemTimeToFileTime
SetFirmwareEnvironmentVariableA
CreateMutexA
RemoveDirectoryA
GetSystemTime
GetSystemDirectoryA
GetTempPathA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
WriteConsoleA
HeapSize
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LocalFree
HeapAlloc
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetLastError
WriteFile
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
ReadFile
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
InitializeCriticalSection
SetFilePointer
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
VirtualProtect
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
CreateFileA

user32

DestroyWindow
EnableWindow
LoadImageA
PostMessageA
GetSystemMetrics
FindWindowA
GetFocus
EnumWindows
LoadIconA
GetActiveWindow
MessageBoxA

winmm

midiStreamOut
midiOutReset
midiStreamRestart
joySetCapture

dnsapi

DnsAcquireContextHandle_A

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f1133fbb4742fd17553d7de8476828b

Headers

File Characteristics

Imports

kernel32

user32

winmm

dnsapi

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 10KB

.tls Size: 12KB - Virtual size: 8KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 10KB

.tls
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 68KB - Virtual size: 64KB