1f966ab8117f36753d988c3c94f9d157

Sharing

Copy URL Twitter E-mail

General

Target

1f966ab8117f36753d988c3c94f9d157
Size

494KB
MD5

1f966ab8117f36753d988c3c94f9d157
SHA1

42826aecaba36861392b628c28380ba2cf2faad4
SHA256

e9e1a942123b0417ff28f53091a00cde276d4dedb302075ffcdb8d5c61a2a438
SHA512

7ef0ff48eb85bec7bd7d0f1608d5dfefa063516fd8780729aa05a659180be0ea4ddb4f2c9ce16890320da4b54206404fa41a0b4e1bc7acf0e8e348371fd04466
SSDEEP

12288:RJfj9s78S5F7DLALQaiwYIwIxGrScocZjuX6bMY:R5mrn7D8L3JXxGGcBZjuNY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f966ab8117f36753d988c3c94f9d157

Files

1f966ab8117f36753d988c3c94f9d157
.exe windows:4 windows x86 arch:x86

92e83f94308da21a5518b09941c066a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

GetDC
SendIMEMessageExW
CreateIconFromResource
CreateWindowStationA
RegisterClassExA
SetClipboardData
DdeReconnect
RegisterClassA

kernel32

GetCurrentThreadId
WideCharToMultiByte
InterlockedIncrement
EnumResourceLanguagesA
TransactNamedPipe
GetUserDefaultLCID
GetDateFormatA
GetOEMCP
FoldStringA
SetUnhandledExceptionFilter
GetTickCount
WriteConsoleW
EnumSystemLocalesA
SetStdHandle
TlsGetValue
GlobalAddAtomW
OpenFile
GetACP
GetCurrentThread
SetFilePointer
QueryPerformanceCounter
IsDebuggerPresent
HeapCreate
HeapSize
LoadLibraryA
Sleep
InterlockedDecrement
CreateMutexA
HeapFree
GetCurrentProcessId
FreeEnvironmentStringsA
GetCurrentProcess
WriteFile
GetCommandLineA
MoveFileExA
VirtualQueryEx
SetHandleCount
LeaveCriticalSection
CreateFileA
GetLocaleInfoW
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetLastError
MultiByteToWideChar
GetModuleHandleW
IsValidCodePage
CompareStringA
CompareStringW
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeLibrary
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetStdHandle
GetConsoleScreenBufferInfo
GetConsoleOutputCP
GetSystemTime
WaitForSingleObjectEx
GetTimeFormatA
ExitProcess
VirtualAllocEx
GetPrivateProfileStructW
HeapReAlloc
GetStartupInfoA
GetModuleHandleA
GetStringTypeW
CreateProcessA
TerminateProcess
LCMapStringW
TlsFree
GetModuleFileNameA
GetVolumeInformationA
DebugActiveProcess
VirtualFree
DeleteCriticalSection
GetProcAddress
GetPrivateProfileStringW
SetLocaleInfoW
LCMapStringA
VirtualQuery
EnterCriticalSection
GetConsoleMode
HeapDestroy
FillConsoleOutputAttribute
OpenMutexA
HeapAlloc
ReadFile
FlushFileBuffers
GetConsoleCP
GetFileType
GetEnvironmentStrings
SetLastError
LocalSize
TlsSetValue
TlsAlloc
GetWindowsDirectoryA
GetCPInfo
FreeEnvironmentStringsW
GetSystemInfo
IsValidLocale
SetConsoleTextAttribute
WriteConsoleA
GetLocaleInfoA
RtlUnwind
InterlockedExchange
SetConsoleCtrlHandler
CloseHandle
GetStringTypeA

Sections

.text
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92e83f94308da21a5518b09941c066a9

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 335KB - Virtual size: 334KB

.rdata Size: 37KB - Virtual size: 47KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 335KB - Virtual size: 334KB

.rdata
Size: 37KB - Virtual size: 47KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 14KB - Virtual size: 14KB