1f9a56955b019b81f5e3fce83ce7df8d

Sharing

Copy URL

Twitter E-mail

General

Target

1f9a56955b019b81f5e3fce83ce7df8d
Size

376KB
MD5

1f9a56955b019b81f5e3fce83ce7df8d
SHA1

22effc3a1d034e9c02dcbef249243242a1d2cd92
SHA256

e5b0accbb69ffe74cec8daef5392a7757e3f354ac144d7c31aeebdfded229213
SHA512

b53a47f841b2bd366807557f9c550a71f99f3a617a42eda138678dd50ff842a0c8bfb3afd1d17df299f58d21202bc148d86a9e864952359615b976d00d18221e
SSDEEP

6144:ZfKzbJHkfOcsqmmN9uGd93h5GPsvF90twHEMZfCDS1uJ:ZSfJgOAHuY9OPsvj0SHEI6DJJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f9a56955b019b81f5e3fce83ce7df8d

Files

1f9a56955b019b81f5e3fce83ce7df8d
.exe windows:1 windows x86 arch:x86

3aebb6c3afc1d899a8bc649962030078

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cryptui

ACUIProviderInvokeUI
CryptUIWizFreeDigitalSignContext
CryptUIWizCertRequest
CryptUIDlgViewSignerInfoA
CryptUIDlgSelectCertificateA
CryptUIWizFreeCertRequestNoDS
CryptUIDlgViewCertificatePropertiesA
DllUnregisterServer
CryptUIDlgSelectCA
CryptUIDlgFreeCAContext
EnrollmentCOMObjectFactory_getInstance
I_CryptUIProtectFailure
CryptUIDlgCertMgr
WizardFree
CryptUIDlgViewContext
CryptUIWizDigitalSign
CryptUIDlgSelectCertificateFromStore
DllRegisterServer
LocalEnroll
CryptUIDlgViewCRLA
CryptUIDlgSelectStoreA
CryptUIWizBuildCTL
CryptUIStartCertMgr
CryptUIDlgViewCertificateA
CryptUIWizCreateCertRequestNoDS
CryptUIWizSubmitCertRequestNoDS
LocalEnrollNoDS
CryptUIWizQueryCertRequestNoDS
RetrievePKCS7FromCA
CryptUIDlgViewCTLA
CryptUIFreeViewSignaturesPagesA
CryptUIGetViewSignaturesPagesA
CryptUIWizExport
CryptUIWizImport
CryptUIGetCertificatePropertiesPagesA
I_CryptUIProtect

advpack

ExtractFiles
RebootCheckOnInstall
FileSaveMarkNotExist
IsNTAdmin
GetVersionFromFile
TranslateInfString
RegSaveRestore
DelNode
OpenINFEngine
FileSaveRestoreOnINF
NeedReboot
AdvInstallFile
SetPerUserSecValues
FileSaveRestore
RegRestoreAll
UserUnInstStubWrapper
DoInfInstall
RegSaveRestoreOnINF
AddDelBackupEntry
GetVersionFromFileEx
UserInstStubWrapper
RunSetupCommand
RegisterOCX
RegInstall

kernel32

InterlockedExchange
CreateFileA
SetNamedPipeHandleState
DosDateTimeToFileTime
InterlockedPushEntrySList
VirtualFree
GetFileAttributesA
lstrcatA
WaitNamedPipeA
ReadFileEx
FileTimeToDosDateTime
InterlockedCompareExchange
GetModuleHandleA
GetFileAttributesExA
WriteFile
GetSystemTimes
SetFilePointer
lstrcmpiA
DeleteFileA
ReadFile
VirtualAlloc
lstrcmpA
SetFilePointerEx
GetStringTypeExA
GetEnvironmentStringsA
FreeEnvironmentStringsA
ConnectNamedPipe
lstrcpyA
CloseHandle
InterlockedExchangeAdd
GetSystemTimeAsFileTime
GetProcessHeaps
GetNamedPipeHandleStateA
lstrcpynA
GetProcessHeap
GetFirmwareEnvironmentVariableA
SetEnvironmentVariableA
IsBadStringPtrA
SetFirmwareEnvironmentVariableA
GetSystemTime
GetSystemTimeAdjustment
GetNamedPipeInfo
InterlockedPopEntrySList
HeapSize
SystemTimeToFileTime
lstrlenA
CallNamedPipeA
GetStringTypeA
GetFileTime
FileTimeToLocalFileTime
HeapAlloc
WriteFileEx
WriteFileGather

user32

GetWindowLongA
GetDesktopWindow
SetFocus
CheckMenuRadioItem
LoadIconA
CheckDlgButton
LoadAcceleratorsA
GetSysColorBrush
InvalidateRect
GetDlgCtrlID
EndPaint
OffsetRect
UpdateWindow
HideCaret
SetWindowPos
IsClipboardFormatAvailable
LoadMenuA
GetMessageA
CheckMenuItem
GetWindowRect
CreateDialogParamA
GetClipboardData
IsChild
GetSysColor
CallWindowProcA
CheckRadioButton
EnableMenuItem
DestroyWindow
MapWindowPoints
DefWindowProcA
PostQuitMessage
SendMessageA
GetClientRect
BeginPaint
GetSubMenu
IsDialogMessageA
MessageBoxA
SetCursor
MessageBeep
OpenClipboard
ShowWindow
LoadCursorA
EndDialog
EnableWindow
DispatchMessageA
DialogBoxParamA
SystemParametersInfoA
DestroyMenu
TranslateMessage
WinHelpA
SetWindowTextA
SetDlgItemInt
RegisterClassExA
CharNextA
TrackPopupMenuEx
SetProcessDefaultLayout
GetWindowTextA
CreateWindowExA
LoadStringA
GetMenu
TranslateAcceleratorA
CloseClipboard
ScreenToClient

Sections

.text
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3aebb6c3afc1d899a8bc649962030078

Headers

DLL Characteristics

File Characteristics

Imports

cryptui

advpack

kernel32

user32

Sections

.text Size: 283KB - Virtual size: 283KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 87KB - Virtual size: 736KB

.text
Size: 283KB - Virtual size: 283KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 87KB - Virtual size: 736KB