1f5b222ee32472bc5facd1f135a59d9a

General

Target

1f5b222ee32472bc5facd1f135a59d9a
Size

27KB
MD5

1f5b222ee32472bc5facd1f135a59d9a
SHA1

981b013aa038163d74ca3d26a25cc504c5b861d4
SHA256

56b477076b1f5dfdb6456725a60ff01a09d9a432cadc20923fc73caa89168c8a
SHA512

d80e853f92d8be387c8d8b45273c7893d92edf41afddc0be763e3efb05fe67c59081c46652dc40a601e97a4e67889e76260b4fe96de5d884b6ee5120bdf69794
SSDEEP

384:LP9JdgRfVmC8ScQKm5KRP4vmlfvhoHOyPia6gaFymmH7RfZaJqoAYVgq44:LEfVMSyXgG3ciVdFuRfZaJqoaN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f5b222ee32472bc5facd1f135a59d9a

Files

1f5b222ee32472bc5facd1f135a59d9a
.exe windows:4 windows x86 arch:x86

cb4df65b66ff2aed8818315ba32ba0c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleFileNameA
GetModuleHandleA
WriteFile
ReadFile
DeleteFileA
CloseHandle
GetFileSize
CreateFileA
CopyFileA
CreateEventA
GetStringTypeA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetWindowsDirectoryA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
CreateDirectoryA
CreateThread
GetLastError
Sleep
WinExec
GetStringTypeW
TerminateProcess
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
VirtualAlloc
HeapFree
VirtualFree
RtlUnwind
lstrcpynA
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate

user32

IsChild
IsWindow
wsprintfA
ShowWindow
IsZoomed
CreateDialogParamA
LoadIconA
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible

advapi32

RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

wsock32

connect
socket
WSAStartup
ioctlsocket
htons
recvfrom
sendto

shell32

Shell_NotifyIconA

comctl32

InitCommonControlsEx

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb4df65b66ff2aed8818315ba32ba0c8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

shell32

comctl32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 240B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 240B