1d3bc1380443138aec76d70ca4a1cba8

General

Target

1d3bc1380443138aec76d70ca4a1cba8
Size

210KB
MD5

1d3bc1380443138aec76d70ca4a1cba8
SHA1

45ad1b99c182f835d9337e3b5959b11602b022dd
SHA256

fdff8a7814e8ee022e63abc2e50c1548a6f9c96563ee28a11bc28815978bee92
SHA512

7d22747dca9b5b29ac2e5d86bedbbc9b14cabffea04439e0f3c776010158d33b6b49bbbe20bbf76976f0e3d14d53ff5d5fd70d9a69633baf3bcd612d735e92d6
SSDEEP

3072:qWbnc7bVFsgO+sCuYc/nqd+iNu3joiWIwZd+dcwb6sIUeKRbuoXEdh61lMvuQ:Hjc1F++s5Yc/0+53jGnZJGIV8vXEdhF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d3bc1380443138aec76d70ca4a1cba8

Files

1d3bc1380443138aec76d70ca4a1cba8
.dll windows:4 windows x86 arch:x86

a7b7e702ff08b0b029c284125574e771

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
WideCharToMultiByte
lstrlenW
DebugBreak
ExitProcess
TerminateProcess
MultiByteToWideChar
VirtualAlloc
GetModuleHandleA
GetEnvironmentStringsW
GetEnvironmentStrings
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCurrentProcess
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
FreeEnvironmentStringsW
WriteFile
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy

user32

MessageBoxA
SetForegroundWindow
FindWindowA
CharLowerA
wsprintfA
LoadStringA

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromProgID
CoCreateInstance

oleaut32

VariantClear
SysStringLen
SysAllocString
VariantInit
GetActiveObject

Exports

Exports

CloseIt
FoxDoCmd
FoxEval
GetLastErr
SetErrMode
SetOleObject

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7b7e702ff08b0b029c284125574e771

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 178KB - Virtual size: 179KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 178KB - Virtual size: 179KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB