1d16870b04ff49f0484de9ea6d6c5907

Sharing

Copy URL Twitter E-mail

General

Target

1d16870b04ff49f0484de9ea6d6c5907
Size

66KB
MD5

1d16870b04ff49f0484de9ea6d6c5907
SHA1

b8896e5fda44394df84c1437ed58d40adba4c318
SHA256

6f76e7021f1c63848dbb31e3f538115650bc81af00beb644fef70449eeb25a7f
SHA512

634f0d888eb054134f7c7001e1769a55dc14f3d7e5671faff7d1ebe6d78a7a838481b8259c3cd02d879d4be76f1ef8c4d73e356331b063dfebfc4abf2773ac58
SSDEEP

1536:j18KxUnpuVF2GfYEE1GEFa+xR17mHSSo2qeuKZR8fjUn345Mr/:yKxl3YYOZlSo2qeuKEo45

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d16870b04ff49f0484de9ea6d6c5907

Files

1d16870b04ff49f0484de9ea6d6c5907
.exe windows:4 windows x86 arch:x86

9df73f9fbbe5284e059e81b3596c67e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CheckRadioButton
GetActiveWindow
EnumDesktopsW
EnumPropsExW
GetClipCursor
GetClipboardViewer
DeleteMenu
GetClassInfoExW
EnumClipboardFormats
DrawFrameControl
DrawMenuBar

kernel32

ReadFile
Sleep
FindNextFileW
VirtualFree
SetCurrentDirectoryA
RegisterConsoleVDM
Thread32Next
SetProcessWorkingSetSize
VirtualAlloc
GetCurrentThreadId
CopyFileA
GetCommConfig
SetFilePointer
lstrcmpA
lstrlenW
GetStartupInfoA
CloseProfileUserMapping
BuildCommDCBA
SystemTimeToFileTime
FindAtomW
InterlockedExchangeAdd
WriteConsoleW
IsBadCodePtr
FindClose
SetLocaleInfoW
SetLastError
GetConsoleFontSize
LCMapStringA
GetModuleHandleA
ExitProcess
GetProfileStringA
CreateProcessA
WaitForMultipleObjects
lstrcpynA
GetProcessHeaps
GetPrivateProfileStructA
SuspendThread
HeapLock
GetConsoleCP
GetCurrencyFormatW
FileTimeToDosDateTime
IsBadStringPtrA
DosDateTimeToFileTime
OpenJobObjectW
SetConsoleCtrlHandler
GetModuleHandleW
RegisterWaitForInputIdle
ReadProcessMemory
GetLocaleInfoW
GetBinaryTypeA

shell32

SHGetMalloc
ShellExecuteA

msvcrt

_fpclass
__p__commode
_swab
wcsftime
strcspn
islower
_spawnle
_spawnlp
_mbbtype
_inpw
strpbrk
getenv
_futime
getchar
_getcwd
__winitenv
_seh_longjmp_unwind
__initenv
_wcsnset
_CIasin
__p__daylight
_open_osfhandle
wcscoll
_pctype
wcscspn
_ismbclegal
iswascii
frexp
iswprint
wcsrchr
_flushall
_control87
_HUGE
strtoul
_mktemp
_ismbstrail
__iscsym
div
_Getdays

comdlg32

GetSaveFileNameW
ChooseFontA
ChooseColorA
LoadAlterBitmap

gdi32

GetStretchBltMode
GetMiterLimit
GetTextExtentPointW
PaintRgn
GetClipBox
GetViewportExtEx
GetMetaFileBitsEx
TextOutA
StartDocW
GetBkMode
CreateEnhMetaFileA
GetMapMode
EnumFontsW
RemoveFontResourceA
Polyline
GetCurrentObject
GetPixelFormat

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zxgj
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.buqvu
Size: 17KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mvoi
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.csmoa
Size: 26KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 654B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9df73f9fbbe5284e059e81b3596c67e3

Headers

File Characteristics

Imports

user32

kernel32

shell32

msvcrt

comdlg32

gdi32

Sections

.text Size: 6KB - Virtual size: 5KB

.zxgj Size: 10KB - Virtual size: 20KB

.buqvu Size: 17KB - Virtual size: 26KB

.mvoi Size: 5KB - Virtual size: 17KB

.csmoa Size: 26KB - Virtual size: 34KB

.reloc Size: 1024B - Virtual size: 654B

.text
Size: 6KB - Virtual size: 5KB

.zxgj
Size: 10KB - Virtual size: 20KB

.buqvu
Size: 17KB - Virtual size: 26KB

.mvoi
Size: 5KB - Virtual size: 17KB

.csmoa
Size: 26KB - Virtual size: 34KB

.reloc
Size: 1024B - Virtual size: 654B