1ed4c239c2d7eb1cc399eebee02877ec

Sharing

Copy URL Twitter E-mail

General

Target

1ed4c239c2d7eb1cc399eebee02877ec
Size

556KB
MD5

1ed4c239c2d7eb1cc399eebee02877ec
SHA1

ac3c078b1f4d387359ff2ad270543e7c43d81abc
SHA256

5b0b1bc58357360f469ab8a82e9d6b18de93fa09f80d4802b9cac3bff36a783f
SHA512

163982f4ee629efdd4e381252979d72756d9867d480f29b0599185af55327be53cfc36e77f5156400d1709779fe5d6e3d23cd3a1455fbe8dfc801f529901da33
SSDEEP

6144:WJxrfOFgIOayNzMEMiV6ZRVg2cVOFXC5YENjYNlkbUPFpAWA9lAUPE:WJxrRsyNzMBiV61gONCtNjYkbQnA9d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ed4c239c2d7eb1cc399eebee02877ec

Files

1ed4c239c2d7eb1cc399eebee02877ec
.exe windows:4 windows x86 arch:x86

e3199e479ac98401fd0795dcb853fd49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
WaitForSingleObject
CreateThread
GetFileSize
CreateMutexA
ExitProcess
ResetEvent
SetThreadPriority
CreateEventA
TerminateThread
SetFilePointer
VirtualProtect
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetSystemTimeAsFileTime
GetTimeZoneInformation
CreateFileA
MulDiv
ReadFile
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetVersion
GetLastError
GetFileType
EnterCriticalSection
LeaveCriticalSection
DebugBreak
GetStdHandle
WriteFile
OutputDebugStringA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetSystemTime
GetLocalTime
FatalAppExitA
RtlUnwind
CreateDirectoryA
CloseHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetCurrentThreadId
TlsSetValue
GetTempFileNameA
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
SetEndOfFile
RaiseException
SetConsoleCtrlHandler
FlushFileBuffers
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetACP
GetOEMCP
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCommandLineA
Sleep
GetTempPathA
HeapFree
FindNextFileA
FindFirstFileA
DeleteFileA
HeapAlloc
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc

user32

DispatchMessageA
SystemParametersInfoA
ShowCursor
PostQuitMessage
DefWindowProcA
LoadCursorA
RegisterClassA
GetSystemMetrics
CreateWindowExA
GetCursorPos
PeekMessageA
TranslateMessage
LoadIconA
WaitMessage
PostMessageA
SendMessageA
GetClientRect
ClientToScreen
EnumDisplaySettingsA
ChangeDisplaySettingsA
MessageBoxA

gdi32

RemoveFontResourceA
GetStockObject
GetDeviceCaps
SetMapMode
TextOutA
SetBkColor
GetTextExtentPoint32A
CreateFontA
DeleteObject
AddFontResourceA
SelectObject
SetTextColor
SetBkMode

dsound

ord1

ddraw

DirectDrawEnumerateA
DirectDrawCreate

dinput

DirectInputCreateA

winmm

timeGetTime

Sections

.text
Size: 476KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3199e479ac98401fd0795dcb853fd49

Headers

File Characteristics

Imports

kernel32

user32

gdi32

dsound

ddraw

dinput

winmm

Sections

.text Size: 476KB - Virtual size: 476KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 20KB - Virtual size: 40KB

.idata Size: 8KB - Virtual size: 4KB

.reloc Size: 24KB - Virtual size: 52KB

.text
Size: 476KB - Virtual size: 476KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 20KB - Virtual size: 40KB

.idata
Size: 8KB - Virtual size: 4KB

.reloc
Size: 24KB - Virtual size: 52KB