1d8736ea44f6519de5435f02964974ba

Sharing

Copy URL Twitter E-mail

General

Target

1d8736ea44f6519de5435f02964974ba
Size

43KB
MD5

1d8736ea44f6519de5435f02964974ba
SHA1

d015370e94ed0976e11296166c830eb26f73ebef
SHA256

1d2a20ca06e2f7b77ee12384aba0a0b535d43077146901204d1bd8c6c5e7ad28
SHA512

221ed45370edb1865c31e72cc5ed1f5cc860d2a3e7304944274519d7384fa6766d36ac7bff136a242472aade65059c5bca2b7bbdcf8f6e1de8f42811df82aadd
SSDEEP

768:LEEmlnWQoa4R8znb39/h41gXMBqVATniRTlwgPLBvPXx/qfsa:AnWQF4R87L9J4yMP4lFPLBvPXE0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d8736ea44f6519de5435f02964974ba

Files

1d8736ea44f6519de5435f02964974ba
.exe windows:4 windows x86 arch:x86

6e4ab54c4455c8b013395113524783e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
LocalShrink
GetFileAttributesW
UTRegister
SetSystemTime
GenerateConsoleCtrlEvent
SetSystemTimeAdjustment
GetTimeFormatW
SetLastConsoleEventActive
InvalidateConsoleDIBits
Sleep

user32

UserRealizePalette
RegisterClassExA
CloseClipboard
ScreenToClient
TranslateMessage
DdeReconnect
IsCharUpperA
LoadMenuIndirectW
SetDoubleClickTime
GetKeyState
SetDlgItemInt
OemKeyScan
SendMessageW
ReuseDDElParam
DdePostAdvise
SendMessageTimeoutA
ChangeMenuA
GetProcessWindowStation
RegisterWindowMessageA

gdi32

CLIPOBJ_ppoGetPath
SetPolyFillMode
CreateDCW
EngUnicodeToMultiByteN
EnumMetaFile
bMakePathNameW
GdiEntry16
RealizePalette
AnimatePalette
GetLogColorSpaceA
GdiGetPageHandle
EnableEUDC
GdiGetDC
ColorMatchToTarget
GdiSwapBuffers
StretchBlt
FONTOBJ_pifi
GetCharWidthA
LineDDA
SetPixel
GdiEntry7
GetArcDirection
EngFillPath
PlayEnhMetaFileRecord
GetCharABCWidthsFloatA
CreateSolidBrush
SetMapMode
GetEnhMetaFileA
CreateFontW
CreatePolygonRgn
CreateDIBSection
GdiSetBatchLimit
IntersectClipRect
EndPage
GetMetaRgn
CreateBrushIndirect
GdiPlayDCScript
GdiConsoleTextOut
PtInRegion
StrokePath
EngCreateBitmap
GdiReleaseLocalDC
EngDeleteClip
GetFontData
CreateMetaFileW
GdiGradientFill
GetRandomRgn
PolyPolyline

comdlg32

ReplaceTextA
ChooseColorA
PageSetupDlgA
PrintDlgA
CommDlgExtendedError
GetFileTitleW
dwLBSubclass
PrintDlgExW
FindTextW
GetOpenFileNameW
Ssync_ANSI_UNICODE_Struct_For_WOW

psapi

QueryWorkingSet
GetDeviceDriverFileNameW
GetProcessMemoryInfo
GetDeviceDriverFileNameA
GetMappedFileNameW
EnumDeviceDrivers
GetModuleFileNameExW
GetModuleBaseNameA
EnumProcessModules
EmptyWorkingSet
GetModuleBaseNameW
InitializeProcessForWsWatch
GetDeviceDriverBaseNameA

comctl32

ImageList_GetImageRect
DrawStatusTextW
ImageList_GetDragImage
InitializeFlatSB
UninitializeFlatSB
ImageList_ReplaceIcon
ImageList_Remove
GetMUILanguage
ImageList_DrawIndirect
ImageList_BeginDrag
ImageList_Write
DestroyPropertySheetPage
FlatSB_SetScrollProp
ImageList_DragEnter
ImageList_AddIcon
CreateStatusWindow
FlatSB_GetScrollInfo
ImageList_LoadImageA
ImageList_EndDrag
ImageList_SetFlags
ImageList_Create
CreateMappedBitmap
FlatSB_GetScrollProp
ImageList_GetIcon
CreateStatusWindowW
ImageList_Merge
PropertySheetW
FlatSB_SetScrollInfo
MakeDragList
ImageList_Draw
ImageList_SetImageCount

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e4ab54c4455c8b013395113524783e2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 4KB - Virtual size: 8KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 4KB - Virtual size: 8KB