1da2040b1e941ca5a1184e0e6df650f6

General

Target

1da2040b1e941ca5a1184e0e6df650f6
Size

31KB
MD5

1da2040b1e941ca5a1184e0e6df650f6
SHA1

bb212c6cd520de2ab401aaf9ed25bdece1db5e39
SHA256

e32e82e54a30a7408c1268c16cc159820718dcc8e515dc15e9f092f527d32043
SHA512

a96e596e90644f20cfbbb60c41a635c884eb339bd2ec8af4e4bdbc4dee895951d3cef0040a25c352f6eaea1989328893a082b6f7ce2640dc2ee026c359a2711b
SSDEEP

768:tPQxRuJe3H0lSn08888YfXAqKjMWfyPx3XcestYgD8Ar:wRr3H0MnLPtKBfyP5c3tVx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1da2040b1e941ca5a1184e0e6df650f6

Files

1da2040b1e941ca5a1184e0e6df650f6
.exe windows:4 windows x86 arch:x86

70be0afdeaa595bd00a17758f64aaecc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
InvertRect
PostQuitMessage
MapVirtualKeyExW
GetClassInfoW
CreateWindowExW
GetMenuStringW
ToUnicodeEx

kernel32

GetTickCount
RegisterWowExec
Sleep
CreateEventW
SetEvent
GetThreadSelectorEntry
ExitVDM
GetCurrentProcessId
LCMapStringA
GetStartupInfoA
SetEndOfFile
LoadLibraryA
WaitForSingleObjectEx
GetModuleHandleA
HeapAlloc
GetTimeZoneInformation
GetTempPathA
CreateProcessA
HeapFree
InterlockedDecrement
CopyFileA
GetBinaryTypeA
IsDebuggerPresent
GetProcessHeap
GetSystemPowerStatus
GetFileAttributesA
GetLastError
TerminateJobObject
GetExitCodeThread
IsValidCodePage
FindNextFileA
GlobalCompact
GetSystemTimeAsFileTime
GetConsoleCP
LCMapStringW
GetLocaleInfoA
GetStringTypeA
GetProcAddress
GetCurrentProcessId
WriteConsoleW
GetStringTypeW
HeapSize
TerminateProcess
GetVersionExA
ExitProcess
GetCommandLineA
WriteConsoleA
GetFileSize
GetConsoleMode
GetCurrentThreadId
GetCurrentProcess
MoveFileA
GetExitCodeProcess
GetModuleFileNameA
RemoveDirectoryA

msvcrt

__setusermatherr
__set_app_type
__p__commode
__p__fmode
_controlfp
_except_handler3

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shell32

SHBrowseForFolderA

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 14KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70be0afdeaa595bd00a17758f64aaecc

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

version

shell32

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 1KB

.text1 Size: 14KB - Virtual size: 47KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text1
Size: 14KB - Virtual size: 47KB