1d9f2f9e9f46298cffe869f8e1d40299

General

Target

1d9f2f9e9f46298cffe869f8e1d40299
Size

385KB
MD5

1d9f2f9e9f46298cffe869f8e1d40299
SHA1

c9e72089050e4ad3f0fea574c28d1816a20cd3cc
SHA256

dfcb5f1a105fd29f60b95c93c4f9db762a43a0cecd73771359f9573bf6df14cf
SHA512

bb665c9d6328cd8adc79b27ee4aa537a18005e92f4f8a41fd3a9c5e5abf22107e441320ddd0b9fa242d516407da5a09e53e50d1b2be18ea0c5456b2a73481359
SSDEEP

6144:ljRLx1rqVzzgm1WpO5Y9g7hUjy3v3FCeh+tC6Qjnc5afhlE7MCXOfVAq:3Lx1e3WpOC9whUjy3NCeY0c5tQCVq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d9f2f9e9f46298cffe869f8e1d40299

Files

1d9f2f9e9f46298cffe869f8e1d40299
.exe windows:5 windows x86 arch:x86

6804b502a3a05ffcbf5ee1fb5bcf8487

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

GetHGlobalFromStream
IsAccelerator
CoRevertToSelf
HMENU_UserSize
HENHMETAFILE_UserUnmarshal
StgCreateDocfile

msvcrt

is_wctype
vfwprintf
cosh
strstr
_adjust_fdiv
_mbsbtype
_execlp
_cputs
strtok
_ftime64

user32

GetDlgCtrlID
CallNextHookEx
PostThreadMessageW
SetPropW
UserRealizePalette
GetCaretBlinkTime
IMPSetIMEW
ShowWindowAsync

kernel32

RegisterConsoleOS2
FindVolumeMountPointClose
GetCalendarInfoW
PrepareTape
SetCriticalSectionSpinCount
GetBinaryTypeA
SetFileTime
GetCommandLineA
GetModuleHandleA
GetPrivateProfileStringW
GetLongPathNameW
GetStartupInfoA
CreateWaitableTimerW
CommConfigDialogA
CreateTimerQueue

gdi32

GetTextExtentExPointI
EngFillPath
StartFormPage
GetWorldTransform
GetMetaFileW

advapi32

RegEnumValueA
ReadEventLogW
LsaDeleteTrustedDomain
OpenServiceA
SetTraceCallback
SetSecurityDescriptorDacl
SystemFunction009
LsaRemoveAccountRights
LsaOpenAccount

Sections

.text
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6804b502a3a05ffcbf5ee1fb5bcf8487

Headers

DLL Characteristics

File Characteristics

Imports

ole32

msvcrt

user32

kernel32

gdi32

advapi32

Sections

.text Size: 379KB - Virtual size: 379KB

.data Size: 4KB - Virtual size: 541KB

.rsrc Size: 1024B - Virtual size: 956B

.text
Size: 379KB - Virtual size: 379KB

.data
Size: 4KB - Virtual size: 541KB

.rsrc
Size: 1024B - Virtual size: 956B