1bad3962b9629f53bb371b7ad73fef55

Sharing

Copy URL

Twitter E-mail

General

Target

1bad3962b9629f53bb371b7ad73fef55
Size

128KB
MD5

1bad3962b9629f53bb371b7ad73fef55
SHA1

52350acabb1cb1abb009a9220b5f116f6119f809
SHA256

3eda9e4d514823bb819a91da7cd0fe34dec933daf86ac5cce324013b88a9ae99
SHA512

f37e99449b6630c8e6fef148b67b0fe44e28d4ed4a6f606ea716a379c59495d09981299cc20a3199073d8d975acaa7dc058a7903fff69cf01b97875df6890fe7
SSDEEP

3072:6FWufuuZDM+5eWNQMIPeRp+D075+sJfus+XJqw2+h53Fa9ROD:6D6seW+MIo+DMxQt263N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bad3962b9629f53bb371b7ad73fef55

Files

1bad3962b9629f53bb371b7ad73fef55
.exe windows:1 windows x86 arch:x86

84da03ad3910a400a729090b4ee82cca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
IsBadStringPtrW
GetComputerNameW
ResetEvent
DeviceIoControl
lstrcpynA
GetDriveTypeA
LocalAlloc
MulDiv
GetCommandLineA
GetCurrentThread
CreateFileA
HeapReAlloc
Module32First
GetSystemInfo
Module32Next
HeapSize
lstrcmpA
SetHandleCount
VirtualFree
GetOEMCP
GetEnvironmentVariableA
UnhandledExceptionFilter
WaitForMultipleObjects
LoadLibraryW
GlobalLock
lstrcatA
HeapCreate
LockResource
ExpandEnvironmentStringsA
GlobalReAlloc
FileTimeToLocalFileTime
GetModuleHandleA
GetStringTypeExW
TlsFree
FlushFileBuffers
SetEvent
GetCommandLineW
CloseHandle
GetLastError
ResumeThread
GetVersionExA
HeapFree
SetEnvironmentVariableA
GlobalAlloc
GetStartupInfoA

user32

AppendMenuA
EnableMenuItem
SetCursor
IsDlgButtonChecked
DialogBoxIndirectParamA
GetWindowDC
GetDC
KillTimer
SetFocus
GetSystemMetrics
IsDialogMessageA
SetClassLongA
CreateMenu
CheckDlgButton
GetParent
MessageBoxA
MapWindowPoints
IntersectRect
SendMessageTimeoutA
EnumWindows
GetDesktopWindow
DrawFrameControl
ScreenToClient
GetDlgItem
CopyRect
IsIconic
CallWindowProcA
SystemParametersInfoA
EnumChildWindows
SetWindowPos
SendMessageA
DestroyWindow
EmptyClipboard
RedrawWindow
GetWindowLongA
PostQuitMessage
ReleaseCapture
IsWindowVisible
RegisterClassA
InsertMenuA
GetMenuItemCount
CreateWindowExA
SetUserObjectSecurity
GetKeyState

msvcrt

__set_app_type
_controlfp
exit
memcpy
_adjust_fdiv
_exit
_XcptFilter
_except_handler3
__setusermatherr
__getmainargs
_acmdln
_initterm
__p__commode
__p__fmode

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84da03ad3910a400a729090b4ee82cca

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 56KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 56KB

.rsrc
Size: 92KB - Virtual size: 92KB