1f4235ec8532b3e4d80fae0d5e08890f

Sharing

Copy URL Twitter E-mail

General

Target

1f4235ec8532b3e4d80fae0d5e08890f
Size

183KB
MD5

1f4235ec8532b3e4d80fae0d5e08890f
SHA1

af0cfcf470cb9bb09113cced38f6dcc9adc726b1
SHA256

aa14105e5c7fffe12171ae85076c9c231312e0a49f79905f4aea302044f21305
SHA512

d628c04014bf003d252a315bbfe4d6836afbf857d16b829ebad6e8f69084a4f4dec722342b6eee977cb7c70cfe0a76891fa9f1136957965194047a55d211e8a2
SSDEEP

3072:RIL4cewfF6FmgF63CLjPentd85YPx37jfA0YC5HE9WVHzYmQWuB:RMY4FobF63OutzPV3fpYCxMkH7u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f4235ec8532b3e4d80fae0d5e08890f

Files

1f4235ec8532b3e4d80fae0d5e08890f
.exe windows:4 windows x86 arch:x86

3a273b6b8e7b4ffae0995b9f0afd3530

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoCreateInstance
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoInitialize
OleFlushClipboard
CoRetireServer
CoUninitialize
CoRevokeClassObject
CoTaskMemFree
CLSIDFromProgID
OleIsCurrentClipboard
OleInitialize
OleUninitialize
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoGetClassObject
StgOpenStorageOnILockBytes
CLSIDFromString

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegDeleteKeyW
RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegEnumKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueW
RegQueryValueExW

shlwapi

PathFindFileNameW
PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecW
PathFileExistsW
PathAppendW

gdi32

GetMapMode
SetWindowExtEx
SetViewportOrgEx
ScaleViewportExtEx
DeleteDC
ExtSelectClipRgn
OffsetViewportOrgEx
PtVisible
ScaleWindowExtEx
Escape
GetDeviceCaps
RectVisible
ExtTextOutW
GetStockObject
SelectObject
GetTextColor
TextOutW
GetBkColor
GetRgnBox

kernel32

RemoveDirectoryW
GetCalendarInfoW
CreateDirectoryW
SystemTimeToFileTime
GetSystemDefaultLangID
InterlockedDecrement
FindNextFileW
GetLocaleInfoW
LocalFileTimeToFileTime
ReadFile
DeleteFileW
lstrcpyW
GetCurrentProcessId
LoadLibraryW
GetFileAttributesW
MultiByteToWideChar
EnumResourceNamesA
SetFileTime
GetModuleFileNameW
SetFilePointer
ExitProcess
EnumResourceLanguagesW
CreateFileW
ConvertDefaultLocale
GetVersion
WriteFile
FindFirstFileW
MoveFileW
WideCharToMultiByte
FindClose
GetCurrentDirectoryW
GetProcAddress

user32

CharNextW
RegisterWindowMessageW
SetRect
GetNextDlgTabItem
InvalidateRgn
GetNextDlgGroupItem
GetPropW
IsRectEmpty
InvalidateRect
GetClassLongW
SetPropW
WinHelpW
CreateWindowExW
MessageBeep
GetClassInfoExW
CopyAcceleratorTableW
RemovePropW
SendDlgItemMessageA
CharUpperW
DestroyMenu

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a273b6b8e7b4ffae0995b9f0afd3530

Headers

File Characteristics

Imports

oleacc

ole32

shell32

advapi32

shlwapi

gdi32

kernel32

user32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 74KB - Virtual size: 74KB

.edata Size: 1024B - Virtual size: 372KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 74KB - Virtual size: 74KB

.edata
Size: 1024B - Virtual size: 372KB