1d55a0b69acf221794288454daf476d2

Sharing

Copy URL

Twitter E-mail

General

Target

1d55a0b69acf221794288454daf476d2
Size

577KB
MD5

1d55a0b69acf221794288454daf476d2
SHA1

261ffcb654b2bd1aa96d881855cd625af6982012
SHA256

0dd6d37da0d1f0a0a986018772482167bde36cde607f9d6686bdf79f11958f44
SHA512

959f09ef05e1744cbc8134d054a3d1233a6d56a754a2a0b2528bdc376ee309f4db3f7bcd89f7e6d35400cf21c23c9675cd9bed58e2af524f03ca27fd98ab6a4f
SSDEEP

12288:lR0tEk47/J7vsZx0aPmAcNWlC6khY15pY78rCT7mG1UoG:lR0Sk47R7vQ2mmADmq15pY7X/mE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d55a0b69acf221794288454daf476d2

Files

1d55a0b69acf221794288454daf476d2
.exe windows:4 windows x86 arch:x86

e4ebb27a9bc5617092108ee64df7ee9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

UrlZonesDetach
DeleteUrlCacheEntryA
HttpQueryInfoA
FtpCreateDirectoryA
ShowCertificate
InternetOpenW
HttpCheckDavCompliance

user32

ScrollDC
GetWindowLongW
CountClipboardFormats
ScrollWindowEx
SendMessageA
CreateWindowExA
EnumDisplaySettingsA
MessageBoxW
ChangeClipboardChain
GrayStringW
DdeSetQualityOfService
PtInRect
GetForegroundWindow
RegisterClassExA
SetCapture
SendMessageW
DispatchMessageW
ShowWindow
ScreenToClient
EnumWindowStationsW
InSendMessage
RegisterClassA

shell32

ShellExecuteExW

kernel32

GetConsoleMode
LCMapStringW
GetCommandLineA
CreateMutexA
EnumSystemLocalesA
GetStringTypeW
GetStartupInfoA
WriteFile
GetCurrentThreadId
VirtualQuery
WriteFileEx
IsValidCodePage
GetConsoleCP
WriteProfileStringW
HeapAlloc
SetStdHandle
LoadLibraryA
VirtualLock
OpenMutexA
EnterCriticalSection
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetACP
FlushConsoleInputBuffer
GetTimeZoneInformation
RtlUnwind
GetConsoleOutputCP
GetLastError
IsDebuggerPresent
CreateFileW
OpenWaitableTimerW
LocalAlloc
TerminateProcess
SetLastError
GetStdHandle
DeleteCriticalSection
GetModuleHandleA
WriteConsoleW
HeapSize
WideCharToMultiByte
GetDateFormatA
GetProcAddress
GetStringTypeA
HeapFree
FindResourceA
SetHandleCount
GetCurrentProcess
Sleep
SetEnvironmentVariableA
InitializeCriticalSection
HeapCreate
HeapReAlloc
GetTickCount
LCMapStringA
GetCurrentThread
GetOEMCP
GetTimeFormatA
TlsFree
InterlockedDecrement
VirtualAlloc
InterlockedExchange
GetProcessHeap
CompareStringW
GetEnvironmentStringsW
CreateDirectoryW
FlushFileBuffers
QueryPerformanceCounter
GetLocaleInfoA
FreeLibrary
SetConsoleOutputCP
GetVersionExA
GetCPInfo
GetModuleFileNameA
CloseHandle
LeaveCriticalSection
WriteConsoleA
HeapDestroy
IsValidLocale
GetFileType
GetEnvironmentStrings
MultiByteToWideChar
GetCurrentProcessId
CompareStringA
TlsAlloc
SetConsoleCtrlHandler
FreeEnvironmentStringsW
GetSystemTime
FreeEnvironmentStringsA
lstrcpynA
CreateFileA
ExitProcess
VirtualFree
ReadFile
TlsSetValue
SetFilePointer
ConvertDefaultLocale
UnhandledExceptionFilter
CreateWaitableTimerW
InterlockedIncrement
GetUserDefaultLCID
TlsGetValue
SetVolumeLabelA
GetLocaleInfoW
EnumResourceLanguagesW

comctl32

DestroyPropertySheetPage
ImageList_Copy
ImageList_Write
ImageList_DrawIndirect
CreatePropertySheetPageW
ImageList_GetBkColor
ImageList_Create
ImageList_GetIconSize
CreateStatusWindow
ImageList_GetIcon
ImageList_SetOverlayImage
ImageList_LoadImageW
ImageList_DragMove
MakeDragList
ImageList_GetFlags
InitCommonControlsEx
ImageList_EndDrag
ImageList_DragLeave
ImageList_Draw
CreateStatusWindowA

gdi32

StartDocA
WidenPath
SetPixel
RestoreDC
GetTextCharset
Escape
SetStretchBltMode
CreateBitmapIndirect
GetEnhMetaFileBits
CreateDCA
Chord
DeleteDC
SetDeviceGammaRamp
GetICMProfileA
GetDeviceCaps
CreateColorSpaceA
GetKerningPairsA
GetDeviceGammaRamp
CopyEnhMetaFileA
CreateCompatibleDC
ExtSelectClipRgn
SwapBuffers
PlayMetaFileRecord
SetBkMode
CreateScalableFontResourceW

Sections

.text
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4ebb27a9bc5617092108ee64df7ee9b

Headers

File Characteristics

Imports

wininet

user32

shell32

kernel32

comctl32

gdi32

Sections

.text Size: 341KB - Virtual size: 341KB

.rdata Size: 68KB - Virtual size: 91KB

.data Size: 115KB - Virtual size: 115KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 341KB - Virtual size: 341KB

.rdata
Size: 68KB - Virtual size: 91KB

.data
Size: 115KB - Virtual size: 115KB

.rsrc
Size: 51KB - Virtual size: 51KB