1c2d1bfda59c07d8124e855006a88e97

General

Target

1c2d1bfda59c07d8124e855006a88e97
Size

168KB
MD5

1c2d1bfda59c07d8124e855006a88e97
SHA1

0e6a6407270dbd28e3919cdd819d6b0d6bfcdcd1
SHA256

e671b72247707d3671c6d19cdd91bb0680cca786803517048be9e6473adb5a5f
SHA512

27d67bde9e28e322b34c7c92f0ea5fb8aab70e156c3e20bf5d606a6ffcd3da38e5ccb2a739c7328a4364fc5ed650d5351420b620cc91a66e40fde9d3c4d9829b
SSDEEP

3072:77/CFwFXOtqMYWt96LfK3SpB6IUXiROtP0a2i3xIt14W:HCnAMYvESiIEGfi3y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c2d1bfda59c07d8124e855006a88e97

Files

1c2d1bfda59c07d8124e855006a88e97
.exe windows:5 windows x86 arch:x86

d46cac467ad5846f2273e1f7c80a5f1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetStockObject
CreateSolidBrush
CreateCompatibleDC
GetPixel
GetTextMetricsA
SetTextColor
GetObjectA
PatBlt
GetClipBox
SelectPalette
GetDeviceCaps
DeleteObject
CreatePalette
SetStretchBltMode
SaveDC
CreatePen
SelectObject
RestoreDC
CreateFontIndirectA
DeleteDC
RectVisible
LineTo
SetTextAlign
SetMapMode

kernel32

GetWindowsDirectoryA
MulDiv
GetCurrentProcess
DeleteFileW
RemoveDirectoryA
lstrcmpiA
lstrlenW
lstrcmpA
GetThreadLocale
GetCommandLineA
GetACP
GlobalFindAtomW
GetConsoleOutputCP
GetUserDefaultLangID
GetProcessHeap
GetModuleHandleA
QueryPerformanceCounter
SetCurrentDirectoryA
GetModuleHandleW
GetCommandLineW
GlobalFindAtomA
GetOEMCP
GetStartupInfoA
CopyFileA
GetVersion
lstrcmpiW
IsDebuggerPresent
GetDriveTypeA
GetCurrentThread
DeleteFileA
lstrlenA
GetCurrentProcessId
VirtualAlloc
VirtualFree

user32

GetDesktopWindow
TranslateMessage
GetSystemMetrics
GetParent
GetDC
CharNextA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Nnbjmcvo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Vwswkt A
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d46cac467ad5846f2273e1f7c80a5f1a

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Nnbjmcvo Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 26KB

Vwswkt A Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 10KB

Nnbjmcvo
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 26KB

Vwswkt A
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 27KB - Virtual size: 27KB