1fd6c2b52ea0974c4c3784c23d0a6ed8

Sharing

Copy URL Twitter E-mail

General

Target

1fd6c2b52ea0974c4c3784c23d0a6ed8
Size

108KB
MD5

1fd6c2b52ea0974c4c3784c23d0a6ed8
SHA1

aebf4f9be2280c8ca6646117cca82d609a4d2990
SHA256

79ee92402d8ee83bc32a20190c77533e8130696d8b54365bd9d2046f553494fa
SHA512

336304b9446916f3d844d04e18b4916d4a3c5b903d94d00f9c7294aed5cc2487201d2804f0209e542c82c3d0f0d7fc1b45f2acf12ed1d81cf8a8aaf5e975e325
SSDEEP

1536:/nWiMSLiscO6Bx7gYcWscVblf13sL1TrU1csRzXuy:/nVMsc36/Wsybd13s9rU1csRzf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1fd6c2b52ea0974c4c3784c23d0a6ed8

Files

1fd6c2b52ea0974c4c3784c23d0a6ed8
.dll windows:4 windows x86 arch:x86

740253301f407beb02e6259c040d4723

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

strtok
strchr
atoi
strncpy
strrchr
_except_handler3
strncat
free
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
strstr
_ftol
ceil
realloc
wcstombs
_beginthreadex
calloc
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
malloc
_strcmpi
_strnicmp
_strrev
_strnset
memmove

kernel32

GetCurrentProcess
GetTickCount
GetCurrentThreadId
lstrcmpiA
Process32First
Process32Next
LocalSize
FreeConsole
CreateThread
SetUnhandledExceptionFilter
SetErrorMode
OpenEventA
MoveFileA
GetSystemInfo
GlobalMemoryStatusEx
CreatePipe
GetSystemDirectoryA
CreateProcessA
TerminateProcess
PeekNamedPipe
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
EnterCriticalSection
GetProcAddress
LoadLibraryA
VirtualAlloc
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
lstrcpyA
FreeLibrary
SetEvent
InterlockedExchange
CancelIo
GetLastError
CreateDirectoryA
lstrlenA
lstrcatA
GetDriveTypeA
FindClose
LocalFree
FindNextFileA
LocalReAlloc
FindFirstFileA
LocalAlloc
RemoveDirectoryA
DeleteFileA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
WriteFile
SetLastError
GetModuleFileNameA
Sleep
GetVersionExA
ExitProcess
RaiseException
GetVersion
DeviceIoControl
CreateRemoteThread
WriteProcessMemory
OpenProcess
GetWindowsDirectoryA
TerminateThread
CreateEventA
GetLocalTime
WaitForSingleObject

msvcp60

?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

msvfw32

ICCompressorFree
ICSeqCompressFrameEnd
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICSeqCompressFrame
ICClose

Exports

Exports

Eternal
Go
Heart
On
ServiceMain

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

740253301f407beb02e6259c040d4723

Headers

File Characteristics

Imports

msvcrt

kernel32

msvcp60

msvfw32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 5KB