1f9ccb68dec7175b70db9d20472e817e

General

Target

1f9ccb68dec7175b70db9d20472e817e
Size

17KB
MD5

1f9ccb68dec7175b70db9d20472e817e
SHA1

98ec8ae79e0f5b77d7666a887d48b5d49b69e43d
SHA256

739d05029206d89f8cbbc135e35e9272cfda3b1a3b389ed2b7702d23c0efc0d9
SHA512

ca71284d7fe04c77cef4f453fe004a138dab27e0ec97753f0a9ccb9838c1dbca45b475ba6b0d98d6a16ea136197dd7dd5a6c8124e0bc415ebc45435a18ffa18c
SSDEEP

384:/cXS3oZ085rKGVV+jmWKgD3Ih2zS8iTM/7yMA6dkto:/8S3oHrK0krUd8iTMDyMnkt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f9ccb68dec7175b70db9d20472e817e

Files

1f9ccb68dec7175b70db9d20472e817e
.dll windows:4 windows x86 arch:x86

59e16f845592c4895cec07cb795ec16e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MulDiv
GetTickCount
CloseHandle
WriteFile
ReadFile
CreateFileA
lstrcatA
lstrcmpA
SetFilePointer
CreateEventA
GetModuleFileNameA
MultiByteToWideChar
RtlUnwind
GetModuleHandleA
GetProcAddress
GetTempPathA
GetTempFileNameA
HeapReAlloc
HeapFree
GetProcessHeap
lstrlenA
HeapAlloc
GlobalFree
GlobalAlloc
lstrcpynA
lstrcpyA
InterlockedExchange
GetLastError
VirtualQuery

user32

wsprintfA
CallWindowProcA
DestroyWindow
EnableWindow
GetWindowLongA
RegisterWindowMessageA
SetWindowLongA
SetDlgItemTextA
MessageBoxA
SetWindowTextA
SendMessageA
GetDlgItem
GetFocus
IsWindowVisible
CharLowerBuffA
ShowWindow
GetClientRect
GetWindowRect
CreateWindowExW

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegCloseKey
RegEnumValueA

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetCrackUrlA
FindCloseUrlCache
FindFirstUrlCacheEntryA
InternetSetFilePointer
InternetCloseHandle

version

GetFileVersionInfoSizeA

Exports

Exports

a
b
c

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59e16f845592c4895cec07cb795ec16e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

version

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB