1d4b8463669fd17bff599822e0b2716a

Sharing

Copy URL Twitter E-mail

General

Target

1d4b8463669fd17bff599822e0b2716a
Size

361KB
MD5

1d4b8463669fd17bff599822e0b2716a
SHA1

04b009ad6504a8977e5ecf88fad66f143c67d75c
SHA256

085efd0c1751e16152e6022c412cd5923efd7237ac39d22301e5c6dee9d873d7
SHA512

e1286928ad1676a87de717f12726ec464a2fcb724baf2d4c6fd922590bc5a7ac6927148f46a54d4893797d1b29e7d6eefbb62986c3e9b7cdc4d827df8da38bb2
SSDEEP

6144:KTeduSc+LqiWt/RQ6eMXBnQMCZ5d3jxyc5XQxisTHECkibVEajl5BEOsy7a1H:KTOZPWt/aaXxrCZ53X5gUsTHxhLnuORE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d4b8463669fd17bff599822e0b2716a

Files

1d4b8463669fd17bff599822e0b2716a
.exe windows:4 windows x86 arch:x86

a200f5f75a4b8defcb04b3ef53bd3414

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
GetPropA
GetMenuItemCount
SetMessageQueue
GetParent
FindWindowExW
FlashWindowEx
GetClipboardViewer
ReuseDDElParam
RegisterClassA
DdeKeepStringHandle
SetDoubleClickTime
CopyRect
OpenDesktopA
CreatePopupMenu
ExitWindowsEx
RegisterClassExA

advapi32

RegRestoreKeyA
RegEnumKeyExA
RegQueryValueA
RegNotifyChangeKeyValue
CryptSetHashParam
InitializeSecurityDescriptor
RegDeleteKeyA

comctl32

InitCommonControlsEx

kernel32

WriteConsoleA
GetFileAttributesW
FreeEnvironmentStringsW
GetModuleHandleW
GetCompressedFileSizeA
WriteConsoleW
IsValidCodePage
HeapDestroy
GetLocaleInfoA
GetConsoleCP
TlsSetValue
GetUserDefaultLCID
CopyFileExA
LCMapStringA
MultiByteToWideChar
GetCommandLineA
HeapFree
GetLocaleInfoW
RtlZeroMemory
SetSystemTime
HeapReAlloc
GetTickCount
SetVolumeLabelA
WriteFile
SetVolumeLabelW
InitializeCriticalSectionAndSpinCount
VirtualAlloc
SetStdHandle
GetACP
CompareStringW
FreeLibrary
TlsFree
GetOEMCP
GetStringTypeW
GetStartupInfoA
TerminateThread
SetEnvironmentVariableA
SetCurrentDirectoryA
GetDateFormatA
CompareStringA
GetConsoleOutputCP
InterlockedExchange
GetEnvironmentStringsW
GetTimeFormatA
SetTimeZoneInformation
CreateFileA
RtlUnwind
VirtualFree
CloseHandle
TlsGetValue
HeapAlloc
GetSystemTimeAsFileTime
SetFilePointer
GetLastError
GetEnvironmentStrings
InterlockedExchangeAdd
IsValidLocale
GetCurrentThread
CreateEventA
GetModuleHandleA
InterlockedIncrement
LCMapStringW
HeapSize
EnumDateFormatsExA
SetConsoleCtrlHandler
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
VirtualQuery
SetHandleCount
QueryPerformanceCounter
GetSystemDirectoryA
GetFileType
CreateMutexA
DeleteCriticalSection
OpenMutexA
GetShortPathNameW
GetCurrentProcess
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
LoadLibraryA
GetCurrentThreadId
WritePrivateProfileStructA
Sleep
WideCharToMultiByte
LeaveCriticalSection
SetConsoleCursorInfo
EnterCriticalSection
TerminateProcess
LoadLibraryExA
ReadFile
FreeEnvironmentStringsA
EnumSystemLocalesA
FlushFileBuffers
GetStringTypeA
InterlockedDecrement
GetCPInfo
GetProcAddress
HeapCreate
TlsAlloc
SetComputerNameA
GetConsoleMode
ExitProcess
GetModuleFileNameA
SetLastError
CompareFileTime

Sections

.text
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a200f5f75a4b8defcb04b3ef53bd3414

Headers

File Characteristics

Imports

user32

advapi32

comctl32

kernel32

Sections

.text Size: 225KB - Virtual size: 224KB

.rdata Size: 26KB - Virtual size: 47KB

.data Size: 94KB - Virtual size: 93KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 225KB - Virtual size: 224KB

.rdata
Size: 26KB - Virtual size: 47KB

.data
Size: 94KB - Virtual size: 93KB

.rsrc
Size: 15KB - Virtual size: 15KB