1ffa0c7b4481628c4a0e37a7d21a0ea3

General

Target

1ffa0c7b4481628c4a0e37a7d21a0ea3
Size

358KB
MD5

1ffa0c7b4481628c4a0e37a7d21a0ea3
SHA1

b5f23826c94a73e2a0e7ff16aeb072c221b74092
SHA256

e19fe20c97c4a4fcf65738919d453c2fcd7855dbb5e60f5fefa46ee6ea0002ef
SHA512

5e8b6292dc0e6168a8899e61ad3bc322311cd873f06a2fb4e81a7c9c99c8478b2165301701588bdddf7023d909c97e11bb9fff21ed08874c8c65a8ed366447c0
SSDEEP

6144:/qKne2Ko9cK2OHnV7D2djek72aTALaFIm85ZDOFBjb/8o05NYXafC2IxFRD:v78gnV/2okya+bFOfv8t5NY12GFF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ffa0c7b4481628c4a0e37a7d21a0ea3

Files

1ffa0c7b4481628c4a0e37a7d21a0ea3
.exe windows:6 windows x86 arch:x86

bae3e9091ccb4fa713ca86f803a8d200

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
GetProcessHeap
VirtualAlloc
VirtualFree
VirtualProtect
FreeLibrary
GetProcAddress
LoadLibraryA
IsBadReadPtr
Sleep
GetLastError
GetSystemTimeAsFileTime
LoadLibraryExW
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
TerminateProcess
GetCurrentProcess

msvcrt

_cexit
_ismbblead
exit
_acmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
_unlock
__dllonexit
_lock
_onexit
__getmainargs
?terminate@@YAXXZ
_controlfp
_except_handler4_common
wcsncmp
abort
??_V@YAXPAX@Z
??_U@YAPAXI@Z
memset
memcpy
realloc
free
_exit
_XcptFilter
_stricmp

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bae3e9091ccb4fa713ca86f803a8d200

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 337KB - Virtual size: 337KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 1024B - Virtual size: 740B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 337KB - Virtual size: 337KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 1024B - Virtual size: 740B