1dcbeb63967ef4161c757ac811bb3735

Sharing

Copy URL Twitter E-mail

General

Target

1dcbeb63967ef4161c757ac811bb3735
Size

72KB
MD5

1dcbeb63967ef4161c757ac811bb3735
SHA1

9e3a89565c9f8fa7894a4f46cd96559809293c27
SHA256

a128b99e76d2cd8c710ea35d3affb459912d83b04e9e178767e9edefa611a388
SHA512

cc7fe40c6d0e1a0449ba836c560ae890e05a7b5bce017b37620ae7d221987f980c15b299505a841fb82c5c5cce9030fd3775b2161dc8b83f5b9955108370e135
SSDEEP

768:AsHQ67j3fwLfENJOKuSTBrSBuV+k+yqFE8BKP3mScOM4wI+oVktgwI9bUwMwt:nLhZuST88gkH8k3COM7oVkt2vMwt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1dcbeb63967ef4161c757ac811bb3735

Files

1dcbeb63967ef4161c757ac811bb3735
.exe windows:4 windows x86 arch:x86

71bbb99e72dc8cd5e405ca974fe0d6a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryA
GetVersionExA
OpenProcess
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcpyA
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetModuleHandleA
VirtualAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapSize
HeapReAlloc
WriteFile
ReadProcessMemory
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LCMapStringW
LCMapStringA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetCPInfo
WaitForSingleObject
HeapAlloc
HeapFree
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
VirtualFreeEx
GetExitCodeThread
VirtualFree
CloseHandle
GetLastError
WideCharToMultiByte
LocalFree

user32

RegisterWindowMessageA
SendMessageTimeoutA
MessageBoxA
EmptyClipboard
SetWindowLongA
ReleaseCapture
GetSystemMenu
AppendMenuA
DeleteMenu
LoadIconA
SendMessageA
LoadCursorA
GetDlgItem
CheckDlgButton
GetSystemMetrics
GetWindowRect
SetWindowPos
DialogBoxParamA
EndDialog
IsDlgButtonChecked
GetWindowTextA
OpenClipboard
GetDC
SetClipboardData
CloseClipboard
GetSysColor
ChildWindowFromPoint
SetCapture
SetCursor
GetCursorPos
WindowFromPoint
GetWindowThreadProcessId
GetClassNameA
ScreenToClient
GetParent
ChildWindowFromPointEx
GetWindow
PtInRect
GetWindowLongA
SetWindowTextA
FindWindowA
BringWindowToTop
ShowWindow

gdi32

CreateFontIndirectA
CreateSolidBrush
SetTextColor
SetBkColor
GetDeviceCaps

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize
OleRun
CoCreateInstance

oleaut32

GetErrorInfo
SysAllocStringByteLen
SysAllocString
VariantInit
VariantClear
SysStringLen
SysFreeString

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71bbb99e72dc8cd5e405ca974fe0d6a0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 12KB - Virtual size: 49KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 12KB - Virtual size: 49KB