1d6b34024cb97e415152097a99aa48e1

Sharing

Copy URL Twitter E-mail

General

Target

1d6b34024cb97e415152097a99aa48e1
Size

517KB
MD5

1d6b34024cb97e415152097a99aa48e1
SHA1

7a8f2f53a3f7404ad4719cd293a8d76778def842
SHA256

79eb215cee9e72f59adbf33389d5c8c80c4061358d60ccc7018bb1c04f2abb28
SHA512

a632f77523a1a2b7e8efc832ec068a0099c5b8806bba724273c71c2a98eb9eebe1bd988df06eb2d80479c20507049c3a93b1a19ba00cafe308246bd5f313a007
SSDEEP

12288:O8pUzpF7hOwxHb+ErKHX3iqbxVE4k/G5A767SMO/:O8OAwhXK3yq9VELmA2lO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d6b34024cb97e415152097a99aa48e1

Files

1d6b34024cb97e415152097a99aa48e1
.exe windows:4 windows x86 arch:x86

fc28e6d7b3463d83871d9d9f3eceb34f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
GetParent
DdeConnectList
RegisterClassA
SetMenuDefaultItem
SetMenuInfo
GetAncestor
GetComboBoxInfo
CallMsgFilter
SetWindowTextW
SetPropA
IsZoomed
BringWindowToTop
GetDlgItemTextA

advapi32

RegQueryMultipleValuesW
RegEnumKeyW
CryptVerifySignatureA
CryptGetDefaultProviderW
RegDeleteValueW
CryptGetHashParam
RegEnumKeyExA
CryptReleaseContext
RegQueryValueA
RegEnumKeyExW

comctl32

InitCommonControlsEx

gdi32

ExtTextOutW
IntersectClipRect
GetStretchBltMode
GdiPlayJournal
SetAbortProc
SetRectRgn
GetEnhMetaFileBits
CreateEnhMetaFileA
gdiPlaySpoolStream
GetNearestPaletteIndex
CreateCompatibleBitmap
CreateFontIndirectA
SetTextColor

kernel32

GetLocaleInfoW
EnumSystemLocalesA
CompareStringA
SetStdHandle
LCMapStringW
lstrcat
TlsFree
GetCurrentThread
HeapSize
GetModuleFileNameA
OpenMutexA
VirtualProtect
IsValidCodePage
lstrcpynA
WriteFile
GetCommandLineW
TerminateProcess
LCMapStringA
MultiByteToWideChar
GetVolumeInformationW
GetDiskFreeSpaceExW
GetLastError
RtlMoveMemory
SetLastError
IsValidLocale
QueryPerformanceCounter
SetHandleCount
CompareStringW
GetCurrentProcessId
GetCurrentProcess
GetSystemTimeAsFileTime
FindAtomA
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
EnterCriticalSection
GetModuleHandleA
SetFileTime
GetModuleFileNameW
VirtualFree
SetFilePointer
WideCharToMultiByte
DeleteCriticalSection
TlsSetValue
HeapDestroy
GetStdHandle
IsBadWritePtr
CreateMutexA
GetTimeZoneInformation
GetProcAddress
GetStartupInfoA
LeaveCriticalSection
HeapReAlloc
TlsGetValue
VirtualAlloc
HeapCreate
HeapFree
SetConsoleCP
WriteConsoleOutputAttribute
RtlUnwind
InitializeCriticalSection
GetCPInfo
GetStringTypeA
VirtualQuery
GetEnvironmentStrings
GetDateFormatA
GetSystemInfo
GetOEMCP
GetFileType
GlobalAlloc
GetCurrentThreadId
InterlockedExchange
TlsAlloc
GetVersionExA
GetUserDefaultLCID
GetStartupInfoW
GetCommandLineA
UnlockFileEx
ReadFile
LoadLibraryA
GetACP
UnhandledExceptionFilter
HeapAlloc
GetTimeFormatA
GetEnvironmentStringsW
SetLocaleInfoW
CloseHandle
ExitProcess
SetEnvironmentVariableA
GetStringTypeW
GetLocaleInfoA
GetTickCount

shell32

ExtractIconExW
ShellExecuteA

wininet

InternetShowSecurityInfoByURLA
InternetAutodial
FreeUrlCacheSpaceW
FtpDeleteFileA
InternetCreateUrlW

Sections

.text
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc28e6d7b3463d83871d9d9f3eceb34f

Headers

File Characteristics

Imports

user32

advapi32

comctl32

gdi32

kernel32

shell32

wininet

Sections

.text Size: 349KB - Virtual size: 348KB

.rdata Size: 45KB - Virtual size: 61KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 349KB - Virtual size: 348KB

.rdata
Size: 45KB - Virtual size: 61KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 16KB - Virtual size: 16KB