1dbdeb21985594716b52f3dbde963544

Sharing

Copy URL Twitter E-mail

General

Target

1dbdeb21985594716b52f3dbde963544
Size

315KB
MD5

1dbdeb21985594716b52f3dbde963544
SHA1

2019a31f6bf44554da885e49dc2925365dd9d27f
SHA256

bdc280b2ef7232a2ae810dd9c46e9ff7bdd57765531d56c9b0d30372494731ec
SHA512

cd5b7f061eac636aca918302519360a73ce7e815dcf55f85334cd18f5c069414364bd4d38a0de60a0b755ece8e535eea4bbf057b842b158bd1efac1df75ad097
SSDEEP

6144:kyhJfDZbErUjoHkOxEM2LJu+mJ5e90bGjkAsDZDeEcjOUtGRMUlYZ8s6:koDZoUjoZxEMgJu+mJo90bGjkAsdD9UH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1dbdeb21985594716b52f3dbde963544

Files

1dbdeb21985594716b52f3dbde963544
.exe windows:4 windows x86 arch:x86

b8cbcaee58dc52bcddc8dfa589d62b3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

UrlZonesDetach
DeleteUrlCacheContainerA
SetUrlCacheConfigInfoA
InternetTimeFromSystemTimeA
InternetConfirmZoneCrossing
InternetQueryFortezzaStatus
ResumeSuspendedDownload
FtpDeleteFileA
GopherGetAttributeW
InternetAlgIdToStringA
DeleteIE3Cache
InternetReadFileExA
InternetWriteFile
FtpDeleteFileW
InternetGetConnectedStateExW
FtpGetFileW
RetrieveUrlCacheEntryStreamA

advapi32

LogonUserA
CryptSetProviderExA

comdlg32

PageSetupDlgW
FindTextW
PrintDlgW
GetOpenFileNameW
ReplaceTextW
LoadAlterBitmap
ChooseColorW

gdi32

CreateEnhMetaFileW
GetBkMode
GetMetaRgn
gdiPlaySpoolStream
GetCharABCWidthsFloatW
GetStockObject
UpdateICMRegKeyW
SetBitmapDimensionEx
GetObjectA
Polygon
GetTextColor
CreateDiscardableBitmap
CreatePolygonRgn
TextOutA
AddFontResourceA
GetMiterLimit
SelectClipRgn
StartDocA
GetSystemPaletteUse
AbortPath
ExtTextOutA
GetClipBox
GetRandomRgn

kernel32

MoveFileW
FreeLibrary
Sleep
DeleteCriticalSection
InterlockedExchange
SetHandleCount
LocalFree
GetCurrentProcess
HeapCreate
LoadLibraryA
TlsAlloc
GetProcAddress
WideCharToMultiByte
GetNamedPipeInfo
GetStartupInfoW
GetCurrentDirectoryA
EnumCalendarInfoExW
InterlockedIncrement
GetFileType
SetConsoleCtrlHandler
GetEnvironmentStringsW
IsValidCodePage
GetEnvironmentStrings
EnumSystemLocalesA
GetModuleFileNameA
IsValidLocale
GetStdHandle
GetDateFormatA
SetConsoleCursorPosition
GetStringTypeA
VirtualProtect
LoadLibraryExA
ReadConsoleW
GetLocaleInfoW
HeapDestroy
SetConsoleCP
HeapReAlloc
VirtualQuery
GetProfileSectionA
lstrcmp
InitializeCriticalSection
GetLastError
TerminateProcess
GetLocaleInfoA
GetCommandLineW
HeapAlloc
CreateFileW
CompareStringW
VirtualFree
IsBadWritePtr
GetACP
GetModuleFileNameW
LCMapStringW
TlsFree
FreeEnvironmentStringsW
TlsGetValue
QueryPerformanceCounter
GetStartupInfoA
GetCPInfo
TlsSetValue
GetCurrentThread
CompareStringA
GetCurrentThreadId
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetVersionExA
InterlockedDecrement
MultiByteToWideChar
GetTimeZoneInformation
LeaveCriticalSection
EnterCriticalSection
OpenWaitableTimerW
GetTickCount
SetLastError
VirtualAlloc
EnumCalendarInfoExA
SetUnhandledExceptionFilter
GetCommandLineA
GetCurrentProcessId
GetProcessHeap
IsDebuggerPresent
ExitProcess
LCMapStringA
GetModuleHandleA
GetUserDefaultLCID
HeapFree
RtlUnwind
GetTimeFormatA
GetStringTypeW
GetOEMCP
HeapSize
FreeEnvironmentStringsA
WriteFile
UnhandledExceptionFilter

user32

TranslateAccelerator
EndDeferWindowPos
SetDoubleClickTime
GetNextDlgGroupItem
CascadeWindows
ScrollWindow
SetClipboardData
DialogBoxIndirectParamA
EnumWindowStationsA
BeginDeferWindowPos
MapVirtualKeyW
GetSysColorBrush
GetWindowTextW
DrawFrame
GetDlgItemTextA
IsCharUpperA
IsCharLowerW
LoadStringA
GetKBCodePage
RemovePropW
CreateDialogParamA

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8cbcaee58dc52bcddc8dfa589d62b3a

Headers

File Characteristics

Imports

wininet

advapi32

comdlg32

gdi32

kernel32

user32

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 142KB - Virtual size: 141KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 142KB - Virtual size: 141KB

.rsrc
Size: 4KB - Virtual size: 3KB