1f7e067b2f26a60f88100c2d5ffe08b6

Sharing

Copy URL Twitter E-mail

General

Target

1f7e067b2f26a60f88100c2d5ffe08b6
Size

519KB
MD5

1f7e067b2f26a60f88100c2d5ffe08b6
SHA1

ed25ecaae795011fc0c7654a6fcc090dcdbd1cbe
SHA256

7c62dde6f52f96214d02a17630417094fb48b137bbb6c53901b0740f13fcc65f
SHA512

e5873247d1dd36d4350919067e7c958f9973d22d1c81332d9a0cfef28968d36ce48dc1a7d3b3d2b5d2ba96167e79a9c14ae26179b32772b967bae952a3a1e398
SSDEEP

12288:2cwXHLyhefcnIDJfGQHwJdgtxLXJcWxYGr:suhY4a+QQJdKcW5r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f7e067b2f26a60f88100c2d5ffe08b6

Files

1f7e067b2f26a60f88100c2d5ffe08b6
.exe windows:4 windows x86 arch:x86

b69cf53e9a9ea00864c16eb120e72b09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

ReadUrlCacheEntryStream
InternetCanonicalizeUrlW
InternetGetCertByURL
FindNextUrlCacheEntryW
FtpGetCurrentDirectoryA
HttpQueryInfoA

kernel32

GetCurrentProcess
GetCurrentProcessId
DeleteCriticalSection
MultiByteToWideChar
LoadModule
GetCurrentThread
SetFileAttributesA
TlsFree
GetVersionExA
RtlUnwind
CreateMutexA
ExitProcess
SetLastError
GetUserDefaultLCID
CompareStringW
EnumTimeFormatsW
SetConsoleCtrlHandler
HeapReAlloc
CreateFileA
OpenMutexA
CreateFileW
HeapAlloc
EnumSystemLocalesA
InterlockedIncrement
GetLocaleInfoW
GetConsoleMode
WideCharToMultiByte
GetStartupInfoA
GetTimeZoneInformation
VirtualAlloc
GetSystemTimeAsFileTime
Sleep
GetEnvironmentStringsW
ReadFile
GetFileType
IsValidCodePage
CompareStringA
IsValidLocale
WriteConsoleW
FreeLibrary
InitializeCriticalSection
LCMapStringW
GetProcessHeap
InterlockedExchange
GetOEMCP
GetModuleFileNameA
QueryPerformanceCounter
GetConsoleOutputCP
GetStringTypeA
SetUnhandledExceptionFilter
GetModuleHandleA
GetCPInfo
GetProcAddress
GetTickCount
EnterCriticalSection
VirtualQuery
FlushFileBuffers
TerminateProcess
LocalAlloc
SetFilePointer
GetACP
VirtualFree
TlsGetValue
TlsAlloc
HeapDestroy
GetCommandLineA
HeapCreate
GetEnvironmentStrings
GetCurrentThreadId
LCMapStringA
EnumCalendarInfoA
LeaveCriticalSection
CloseHandle
LoadLibraryA
HeapFree
GetTimeFormatA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapSize
GetDateFormatA
IsDebuggerPresent
GetLocaleInfoA
WriteFile
SetHandleCount
GetStringTypeW
WriteConsoleA
GetConsoleCP
GetLastError
TlsSetValue
LocalReAlloc
UnhandledExceptionFilter
InterlockedDecrement
SetStdHandle
LocalFlags
SetEnvironmentVariableA
GetStdHandle

user32

ToAsciiEx
BeginPaint
DdeUninitialize
CreateIconIndirect
EnumDisplayDevicesW
ToUnicode
CreateWindowExA
RegisterClassExA
CreateAcceleratorTableA
GetMenuStringW
LoadStringA
UnregisterHotKey
WINNLSGetEnableStatus
GetKeyboardLayoutNameW
CharUpperA
EnumDesktopsW
VkKeyScanA
ChangeDisplaySettingsW
GetClipboardFormatNameW
RegisterClassA
EnumDisplaySettingsA
DdeAddData
GetSysColor
GetGuiResources

comctl32

InitCommonControlsEx

Sections

.text
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b69cf53e9a9ea00864c16eb120e72b09

Headers

File Characteristics

Imports

wininet

kernel32

user32

comctl32

Sections

.text Size: 355KB - Virtual size: 354KB

.rdata Size: 39KB - Virtual size: 55KB

.data Size: 106KB - Virtual size: 106KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 355KB - Virtual size: 354KB

.rdata
Size: 39KB - Virtual size: 55KB

.data
Size: 106KB - Virtual size: 106KB

.rsrc
Size: 18KB - Virtual size: 17KB