1e5831a32168f4e187d7fd26207e50c4

Sharing

Copy URL Twitter E-mail

General

Target

1e5831a32168f4e187d7fd26207e50c4
Size

180KB
MD5

1e5831a32168f4e187d7fd26207e50c4
SHA1

9e384f0ec4a1f75c71fb3327196055b69cc6046f
SHA256

851fc4d186e37c97027d0d2fa5a2316d8e683dd89635806d5e004fd18cd88ddc
SHA512

2a42540324532970977770b1734ab2c81974f9cf2f6b287ba4788cd6c9757f484532b970c3dfccd5b90bb6ef4afaa36e77d02a820feac03127aa502615218439
SSDEEP

3072:+AUgQ2KSGLo3XgNsKCCobbBDmENkDfhfkWWxSxb2Aj8CAy3CUzJpyU2Kiy:+A9Q2xGqXkSX/BJSDCqr8nUuxKiy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e5831a32168f4e187d7fd26207e50c4

Files

1e5831a32168f4e187d7fd26207e50c4
.exe windows:4 windows x86 arch:x86

0f4c4cc7172e38ae26b512940e811343

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage

ole32

CoFreeUnusedLibraries
StringFromGUID2
CoInitialize
CoUninitialize
CoCreateInstance

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

winmm

timeGetTime

kernel32

LoadLibraryW
GlobalUnlock
WaitCommEvent
GetVersionExA
GlobalLock
LocalAlloc
WaitCommEvent
GetCurrentThreadId
GlobalAlloc
LocalFree
InterlockedExchange
CopyFileW
EnumResourceNamesW
ReadFile
CloseHandle
CreateFileW
CreateDirectoryW
OutputDebugStringW
ExitProcess
GetSystemTimeAsFileTime
SetFileAttributesW
GetTickCount
GetLastError
GetModuleFileNameA
ExitProcess
GetCurrentProcessId
GetACP
DisableThreadLibraryCalls
QueryPerformanceCounter
GetFullPathNameW
GetLocaleInfoA

user32

SetParent
IsWindow
TrackPopupMenuEx
EnableWindow
CreatePopupMenu
GetFocus
DestroyMenu
GetDesktopWindow
SetCursor
InvalidateRect
SetWindowPos
RedrawWindow
ClipCursor
LoadCursorW
PtInRect

gdi32

GetObjectType
CreateDCW
SelectObject
BitBlt
LineTo
CreatePen
CreateCompatibleDC
SetStretchBltMode
CreateDIBSection
DeleteDC
StretchBlt
CreateBitmap

advapi32

RegSetValueW
RegSetValueExW
RegCreateKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f4c4cc7172e38ae26b512940e811343

Headers

File Characteristics

Imports

msimg32

gdiplus

ole32

comctl32

winmm

kernel32

user32

gdi32

advapi32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 40KB - Virtual size: 39KB

.rsr Size: 512B - Virtual size: 216KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 40KB - Virtual size: 39KB

.rsr
Size: 512B - Virtual size: 216KB