1eb7acb4be27aa55e6820fe07d59321c

Sharing

Copy URL Twitter E-mail

General

Target

1eb7acb4be27aa55e6820fe07d59321c
Size

338KB
MD5

1eb7acb4be27aa55e6820fe07d59321c
SHA1

1634f9bd85c6b2bd160737bc8efc6c7292312bf5
SHA256

f57ec282227fc4fa6eb2a431c8d479763becc5a4c0e46f607e18443dc7948e54
SHA512

3bc88323f34199689cdaf7e8babcf13bf8bd94d17eba1ece1bbd04ed1b253e2e20724975739ce34d785874a834ea7c6aa614b15e936a4b8a639ac060877df084
SSDEEP

6144:+pbdbk3hIJ7nmHHXlZ17rHe28eeSrtf1nFFnUXrcyRblao+uwKuPo4yL/OAI/Ft:+pZbkxOnmnX1XHe28xS513MbEPVPUOF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1eb7acb4be27aa55e6820fe07d59321c

Files

1eb7acb4be27aa55e6820fe07d59321c
.exe windows:4 windows x86 arch:x86

cb169f51e397d4192bf9614adb6e203a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

DeleteFiber
GetStdHandle
GetCurrentProcess
FindFirstFileExW
SetStdHandle
SetConsoleCtrlHandler
GetUserDefaultLCID
HeapDestroy
LeaveCriticalSection
CreateMutexA
IsValidLocale
HeapCreate
GetDateFormatA
GetPrivateProfileStructA
EnterCriticalSection
GetFileType
FlushFileBuffers
GetCurrentThreadId
GetFileSize
ReadFile
GetStartupInfoA
FreeEnvironmentStringsW
CloseHandle
WideCharToMultiByte
DebugBreak
SetHandleCount
EnumResourceTypesW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
EnumSystemLocalesA
MultiByteToWideChar
InterlockedDecrement
TlsFree
HeapFree
GetModuleHandleA
HeapAlloc
InterlockedExchange
GetSystemTimeAsFileTime
GetStringTypeA
GetLocaleInfoW
VirtualProtect
GetCurrentThread
GetLocaleInfoA
VirtualQuery
OpenMutexA
GetCPInfo
GetLastError
TlsGetValue
LCMapStringA
FillConsoleOutputCharacterW
TlsSetValue
OutputDebugStringA
GetTimeFormatA
GetProcAddress
DeleteCriticalSection
IsBadReadPtr
TlsAlloc
TerminateProcess
GetSystemInfo
HeapValidate
IsValidCodePage
GetCommandLineA
GetStringTypeW
SetFilePointer
VirtualAlloc
GetModuleFileNameA
GetEnvironmentStringsW
GetEnvironmentStrings
GetTickCount
SetLastError
GetOEMCP
GetTimeZoneInformation
WriteFile
InitializeCriticalSection
CompareStringW
QueryPerformanceCounter
ExitProcess
VirtualFree
InterlockedIncrement
GetACP
IsBadWritePtr
LoadLibraryA
LCMapStringW
HeapReAlloc
SetEnvironmentVariableA
CompareStringA
GetVersionExA
GetCurrentProcessId

user32

LoadImageW
SetRectEmpty
LoadImageA
IsWindowVisible
SetPropW
MoveWindow
SetMessageExtraInfo
SendMessageTimeoutW
RegisterClassExA
EnumDisplaySettingsExW
GetPropA
RegisterClassA
GetUpdateRgn
GetWindowWord
GetKeyNameTextW
OffsetRect
ChangeClipboardChain
MonitorFromPoint
FlashWindow
SetCaretBlinkTime
GetMenuItemID
EnumDisplaySettingsW

comdlg32

GetSaveFileNameA
LoadAlterBitmap
GetOpenFileNameW
FindTextW

shell32

SHQueryRecycleBinW
ExtractAssociatedIconA

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb169f51e397d4192bf9614adb6e203a

Headers

File Characteristics

Imports

comctl32

kernel32

user32

comdlg32

shell32

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 11KB - Virtual size: 30KB

.data Size: 146KB - Virtual size: 145KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 11KB - Virtual size: 30KB

.data
Size: 146KB - Virtual size: 145KB

.rsrc
Size: 11KB - Virtual size: 10KB