1ab38b262b8fed1f8f09c701fee1794c

Sharing

Copy URL Twitter E-mail

General

Target

1ab38b262b8fed1f8f09c701fee1794c
Size

141KB
MD5

1ab38b262b8fed1f8f09c701fee1794c
SHA1

838b9367aba157efde03e6ad65ca11987b58f7ab
SHA256

d48b88f6874ce96d9d7a996155e7e4553848d4d806dbf919a3cac2d916c19c50
SHA512

65ab1996434c1a8dc03b1bd3ac430238a35c19d4916f19e054e3c63256892f846bda8fb8417c040a230f4953ec6920b8342cfafa4ffee488512158f443ad0247
SSDEEP

3072:J0v5HGULkKh0S6xhJxjAma30CrWx+ylNWqS2AYgk:q3UhJGmaHnylNWj2AVk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ab38b262b8fed1f8f09c701fee1794c

Files

1ab38b262b8fed1f8f09c701fee1794c
.exe windows:4 windows x86 arch:x86

ddc72505f1b029ed3a0c1829fb7d70a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExA
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
RegLoadKeyW
RegGetKeySecurity
RegQueryValueW
RegQueryInfoKeyA
RegQueryValueA
RegEnumKeyA
RegEnumValueW
RegOpenKeyExA
RegEnumValueA
RegCreateKeyExW
RegEnumKeyExA
RegEnumKeyExW
RegFlushKey
RegLoadKeyA
RegDeleteValueA
RegReplaceKeyW
RegCreateKeyW
RegDeleteValueW
RegOpenKeyA
RegReplaceKeyA
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyExW
RegEnumValueA
RegQueryValueExW
RegLoadKeyA
RegDeleteValueW
RegReplaceKeyA
RegDeleteKeyA
RegQueryInfoKeyW
RegEnumKeyW
RegEnumKeyA
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegReplaceKeyW
RegDeleteValueA
RegGetKeySecurity
RegQueryValueA
RegLoadKeyW
RegEnumValueW
RegCreateKeyW
RegQueryValueExA
RegFlushKey
RegQueryValueW
RegOpenKeyExA
RegOpenKeyW
RegOpenKeyA
RegEnumKeyExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

GetLastError
Sleep
GetLastError
WideCharToMultiByte
GetLastError
GlobalAlloc
GetLastError
GetStringTypeW
GetLastError
GetFileSize
GetLastError
HeapAlloc
GetLastError
lstrcmpA
GetLastError
DeleteFileA
GetLastError
GetStringTypeA
GetLastError
lstrlenA

user32

IsWindow
DrawIconEx
InsertMenuA
CloseWindow
BlockInput
DrawIcon
IsMenu
CreateIcon
DialogBoxParamA
GetFocus
GetMenu
LoadCursorA
LoadMenuA
CopyIcon
DrawTextW
DrawTextA
CopyImage
AppendMenuA
CalcMenuBar
GetCursor
AppendMenuW
GetWindowTextLengthA
GetDC
CopyRect
EndDialog
GetWindowTextA
AlignRects
DialogBoxParamW
GetDlgItem

Sections

.tadt
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.raata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eaata
Size: 10KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ralac
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idaaa
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddc72505f1b029ed3a0c1829fb7d70a1

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.tadt Size: 22KB - Virtual size: 22KB

.raata Size: 102KB - Virtual size: 101KB

.eaata Size: 10KB - Virtual size: 125KB

.ralac Size: 1KB - Virtual size: 2KB

.idaaa Size: 1024B - Virtual size: 1KB

.tadt
Size: 22KB - Virtual size: 22KB

.raata
Size: 102KB - Virtual size: 101KB

.eaata
Size: 10KB - Virtual size: 125KB

.ralac
Size: 1KB - Virtual size: 2KB

.idaaa
Size: 1024B - Virtual size: 1KB