1d22a8971677b57fe064d470626411d2

Sharing

Copy URL Twitter E-mail

General

Target

1d22a8971677b57fe064d470626411d2
Size

248KB
MD5

1d22a8971677b57fe064d470626411d2
SHA1

e14637ea8a2fcb4a854512621f3cda15d32d6475
SHA256

3ec66330b3d3f2932dcaf4f18f5dad08f55f2510cdc762c80684e4da2ee8a801
SHA512

047036b9e2e9df79ade06914e9ec6686c3b9c83a768bdd9c3abc3930a0ea08a770448e8b6733ce102e72c5bdbace26ea0b4a212e6a3c01d6c9776b9e6303dbe0
SSDEEP

3072:i6Dbi5YANB8eJsE1aaCMZBXLl2Ali/I9gIX7fS0xKuNFTLhorNIcF86gJLMFNlP8:/sYANyeRDJUA99zSsZNnbcF8DGN1Eqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d22a8971677b57fe064d470626411d2

Files

1d22a8971677b57fe064d470626411d2
.exe windows:4 windows x86 arch:x86

0885c7c3dc7dfa760833dabaf97ab4f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileSectionA
LocalLock
_lclose
_lopen
IsBadReadPtr
SearchPathW
AllocConsole
MoveFileW
GetProcessHeap
GetSystemTime
SetConsoleActiveScreenBuffer
GetDiskFreeSpaceExA
LocalAlloc
LocalReAlloc
GetEnvironmentVariableW
AreFileApisANSI
OpenMutexA
GlobalFindAtomW
GetSystemTimeAdjustment
DeleteFiber
GetCPInfo
RaiseException
VirtualQueryEx
WaitNamedPipeA
LoadLibraryExW
DeleteCriticalSection
GetEnvironmentStringsW
GetAtomNameA
TlsGetValue
DosDateTimeToFileTime
GetDateFormatA
VirtualProtect
GlobalDeleteAtom
GlobalUnlock
WriteProcessMemory
EnumDateFormatsW
LocalSize
GetVersionExA
GetCommandLineA
VirtualAlloc
WritePrivateProfileStringW
ExitProcess

user32

GetKeyNameTextW
EnumWindowStationsA
DefDlgProcW
DrawTextExA
EnumDisplayDevicesW
GrayStringA
LoadMenuIndirectA
GetActiveWindow
GetKeyboardLayout
CharNextExA
DrawIcon
GetSystemMetrics
MapDialogRect
VkKeyScanA
EmptyClipboard
SendNotifyMessageW
AppendMenuA
RemoveMenu
CreatePopupMenu
DefMDIChildProcA
OffsetRect
SetWindowContextHelpId
DrawIconEx
MapVirtualKeyExW
wvsprintfA
GetInputState
CreateDialogIndirectParamW
DialogBoxIndirectParamA
IsDialogMessageA
SetClipboardViewer
DefWindowProcA
CharPrevW
PostThreadMessageA
DestroyCaret
HideCaret
RegisterClassExW
DrawStateA
MoveWindow
WinHelpW
IsClipboardFormatAvailable
EndDialog
ChangeDisplaySettingsW
IsCharUpperA
UpdateWindow
GetWindowInfo
GetMonitorInfoA
DrawCaption
CloseWindow
SetParent
ChildWindowFromPointEx
GetMenuItemCount
ShowScrollBar
AdjustWindowRect
LoadCursorA
SystemParametersInfoW
GetCaretPos
OemToCharA
OpenDesktopA
ReplyMessage
SetCaretPos
ValidateRect

gdi32

GetBkMode
GetViewportExtEx

advapi32

CopySid
StartServiceA
InitializeSid
OpenSCManagerA
GetAce
CryptVerifySignatureW

shell32

SHGetDesktopFolder
SHFileOperationW
SHChangeNotify
FindExecutableA

ole32

CoQueryProxyBlanket

oleaut32

SafeArrayGetLBound
SafeArrayUnaccessData
LoadTypeLi
LoadTypeLibEx
SafeArrayRedim
SafeArrayGetElement

comctl32

ImageList_GetDragImage

shlwapi

PathIsDirectoryA
StrRetToStrW
PathRelativePathToW
StrToIntExW
PathRelativePathToA
wvnsprintfW
PathGetCharTypeW
PathUnquoteSpacesW
StrCatBuffW
UrlCanonicalizeW

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0885c7c3dc7dfa760833dabaf97ab4f0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 232KB - Virtual size: 228KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 232KB - Virtual size: 228KB