1e8b2863dd8a225bc14ba3fd20859834

Sharing

Copy URL Twitter E-mail

General

Target

1e8b2863dd8a225bc14ba3fd20859834
Size

445KB
MD5

1e8b2863dd8a225bc14ba3fd20859834
SHA1

3bbb39876e0aa3a766cc064392b15b5101b1c8dd
SHA256

5d50fc0a436babaafb6b3ba3740c5f31ab64d086c69986d70d07ab6edd25793c
SHA512

402f8409df30a5254fafcc9b119f5ec506e6fc8a860774b4b104747b78957a564fe5ddabd4fafda75759ef4eef82aec26c9030611a8beb681a4dfbdff9787c73
SSDEEP

6144:2/fomGy+O76A/o04lQa0rfbwYWOQJThb1NLz/OT62rXFIySbRsWzneJK0UjQgSF:4Gy+Ot7uQakkzhh8RFI76TgjQg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e8b2863dd8a225bc14ba3fd20859834

Files

1e8b2863dd8a225bc14ba3fd20859834
.exe windows:4 windows x86 arch:x86

d2cb0d62ed0b39b0f00cafe40064af72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBitmapBits
SetMapperFlags
AnimatePalette
EnumFontsA
StretchBlt
SelectPalette
DeleteDC
CreateDCW
GetDeviceCaps
ScaleViewportExtEx
LineTo

kernel32

GetCurrentThread
WideCharToMultiByte
OpenFile
GetSystemTimeAsFileTime
GetLastError
TlsSetValue
TlsFree
InterlockedIncrement
SetEnvironmentVariableA
MultiByteToWideChar
GetOEMCP
GetTimeZoneInformation
GetProcessHeaps
GetEnvironmentVariableW
GetStdHandle
HeapAlloc
GetCurrentProcess
ReleaseMutex
QueryPerformanceCounter
GetStringTypeA
EnterCriticalSection
TlsAlloc
CreateMutexA
GetPrivateProfileStringW
SetCurrentDirectoryA
GetStartupInfoA
VirtualQueryEx
GetVersion
FlushFileBuffers
LCMapStringA
GetEnvironmentStringsA
SetLastError
GetModuleFileNameA
CompareStringA
GetACP
DeleteFiber
LeaveCriticalSection
LocalUnlock
SetFilePointer
CreateToolhelp32Snapshot
GetFileType
GetCommandLineA
HeapCreate
VirtualQuery
CompareStringW
TerminateProcess
FreeEnvironmentStringsA
IsDebuggerPresent
GetCurrentThreadId
GetEnvironmentStringsW
CloseHandle
ExitProcess
RtlUnwind
GetLocalTime
UnhandledExceptionFilter
OpenMutexA
InterlockedDecrement
HeapReAlloc
VirtualFree
DosDateTimeToFileTime
FindFirstFileExA
GetTickCount
DeleteCriticalSection
SetHandleCount
GetCPInfo
FreeEnvironmentStringsW
SetStdHandle
GetCurrentProcessId
VirtualAlloc
LockResource
HeapDestroy
InterlockedExchange
InitializeCriticalSection
CreatePipe
IsBadWritePtr
GetProcAddress
HeapFree
GetEnvironmentStrings
GetProfileStringW
TlsGetValue
LoadLibraryA
GetModuleHandleA
LoadLibraryW
GetSystemTime
ReadFile
FoldStringA
CreateNamedPipeA
LCMapStringW
WriteFile
GetStringTypeW
GetLongPathNameA

comctl32

ImageList_Read
ImageList_Add
ImageList_DragLeave
InitCommonControlsEx
ImageList_Duplicate
ImageList_LoadImageW
ImageList_SetBkColor
ImageList_Remove
ImageList_Copy
ImageList_DragMove
CreatePropertySheetPageW
ImageList_SetFlags
ImageList_AddMasked
CreateMappedBitmap
CreateStatusWindowW
CreateToolbarEx

user32

RegisterClassExA
MessageBoxA
RegisterClassA
GetMenuItemID
ShowWindow
DrawStateW
GetAncestor
BroadcastSystemMessage
GetClipboardData
CreateWindowExA
CreateMDIWindowW
GetDlgItemInt
GetClipboardOwner
DdeSetQualityOfService
EnumThreadWindows

Sections

.text
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2cb0d62ed0b39b0f00cafe40064af72

Headers

File Characteristics

Imports

gdi32

kernel32

comctl32

user32

Sections

.text Size: 283KB - Virtual size: 283KB

.rdata Size: 47KB - Virtual size: 78KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 283KB - Virtual size: 283KB

.rdata
Size: 47KB - Virtual size: 78KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 12KB - Virtual size: 12KB