1f72c229135e89051aab657267ea51db

Sharing

Copy URL Twitter E-mail

General

Target

1f72c229135e89051aab657267ea51db
Size

136KB
MD5

1f72c229135e89051aab657267ea51db
SHA1

f86a1230ad21eb087d11648aa6f865404657fbf9
SHA256

92906acd35b59ab8cfe9a68adab37c4adfb198f9496ee6ebb480f9ed4e85d921
SHA512

10929ca8d711a9647fd1c31c3d6ec0a0c54f3976a7074ad54712724b1b33bd4a80e4e7b97f8ff7d6efd243e11a6686d5aedd345933542ad139d366d1632743ee
SSDEEP

3072:q3f+eks/YdLaJ+JZvlKMqqDLy/4qtKhKTVWgD:O+FFvLqqDLu4qAhp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f72c229135e89051aab657267ea51db

Files

1f72c229135e89051aab657267ea51db
.dll windows:4 windows x86 arch:x86

1cfe5c0fad572ecdbbda94f1778929ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetUserDefaultLangID
CreateEventW
GlobalAlloc
GlobalUnlock
GlobalLock
Sleep
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetCurrentProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetCPInfo
DisableThreadLibraryCalls
GetProcAddress
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
SetUnhandledExceptionFilter
GetCurrentProcessId
TerminateProcess
GetSystemTimeAsFileTime
GetCommandLineA
VirtualProtect
GetLocaleInfoA
GetOEMCP
GetACP
RtlUnwind
GetVersionExA
InterlockedExchange
VirtualQuery
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
HeapAlloc
GetSystemInfo

user32

GetClassInfoExW
SetWindowRgn
SetWindowPos
GetParent
SetFocus
RegisterClassW
CreateWindowExW
ShowWindow
wsprintfW
RegisterClassExW
LoadCursorW

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

gdi32

SetWindowExtEx
CreateMetaFileW
RestoreDC
CloseMetaFile
SaveDC
SetWindowOrgEx
DeleteMetaFile

ole32

CoCreateInstance

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cfe5c0fad572ecdbbda94f1778929ee

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 52KB - Virtual size: 94KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 52KB - Virtual size: 94KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB