1cc9222bf6b5dff75dcbc1899949bada

General

Target

1cc9222bf6b5dff75dcbc1899949bada
Size

107KB
MD5

1cc9222bf6b5dff75dcbc1899949bada
SHA1

772fbbc7cf3755b944b6c87faa90387d2a3a7f17
SHA256

7d1012a604b7fd2f9c44a0905f5298d65c67361520a579f0b826170d24044617
SHA512

ee2662c80e1de69ad469c99cf79adeec8688b9a3df7e2bc67909b240d0e62895142af57f29ffe9ab5920fad22ecc70664b8782c18eb011164a9ea4cbad4ae3f9
SSDEEP

768:FKEYYYT0EdRbUfVEuEastzaffGckFr0J7e4ndfE0DsQQzUp6MyMZ/ytjirL/bjcX:yRbKtT/uP5B0D3IUWAbjE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1cc9222bf6b5dff75dcbc1899949bada

Files

1cc9222bf6b5dff75dcbc1899949bada
.exe windows:5 windows x86 arch:x86

668474b646f776e06589ee9e11cb183d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
lstrlenW
WaitForSingleObjectEx
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetPrivateProfileIntW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess

user32

PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA

gdi32

MoveToEx
LineTo
SetViewportExtEx
SetWindowExtEx
SetMapMode
ExtCreatePen
BeginPath
BitBlt
CreateCompatibleDC
CreateFontIndirectW
CreateSolidBrush
DeleteObject
ExtTextOutW
GetObjectW
GetTextExtentPointW
SelectObject
EndPath
GetStockObject
StrokePath
SetBkColor

advapi32

RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegOpenKeyA
RegOpenKeyExW

shell32

ShellExecuteExW

shlwapi

PathAppendW
PathGetArgsW
PathUnquoteSpacesW

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

668474b646f776e06589ee9e11cb183d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 26KB - Virtual size: 25KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 1024B - Virtual size: 568B

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 1024B - Virtual size: 568B