1ff7c1df687a60679209d6de8c0b652c

General

Target

1ff7c1df687a60679209d6de8c0b652c
Size

30KB
MD5

1ff7c1df687a60679209d6de8c0b652c
SHA1

0df8a65b826bde0f3a8050133054ce47d06c2a29
SHA256

92a536bbebc20f0b6f740dfbd919b07eb40fffbca84c1d531dc4a8420c6ec4bb
SHA512

f721721742db0b7b047bbfdbebd692c3098fa5e4a3c1fadae7a4a9997f4f78f67314343e499064a53914809102400e791d6683758c03b8f91aa5214dfe1b01f2
SSDEEP

384:LuePBTacwcJoK4YRDwh1P9XTB9jyQkHBzG7pZLA9NHnEa5AgVywgwkWSMJyD8K9o:LXQylwh3jmzELuA8y7WSMgxm7ko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ff7c1df687a60679209d6de8c0b652c

Files

1ff7c1df687a60679209d6de8c0b652c
.exe windows:4 windows x86 arch:x86

b569c239f8a86867c437a6f281148085

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
HeapDestroy
VirtualFree
InitializeCriticalSection
SetEvent
SetEndOfFile
LoadResource
CreateProcessA
FormatMessageA
QueryPerformanceCounter
HeapCreate
lstrlenW
FreeEnvironmentStringsW
TerminateThread
GlobalUnlock
SetStdHandle
DuplicateHandle
GetCommandLineW
GetFileTime
SetLastError
GetSystemDirectoryA
GetTickCount
LocalFree

msvcrt

_pctype
strchr
wcsncmp
atol
memmove
_vsnwprintf
__dllonexit
_onexit
_wfopen
_strcmpi
rand
_splitpath
wcscat
_strnicmp
strcmp

ole32

CoGetPSClsid
OleGetIconOfClass
CoGetObject
CoSuspendClassObjects
OleFlushClipboard
CoTaskMemFree
CoRevokeClassObject
OleRun
CoFreeLibrary
OleInitialize
CoUnmarshalInterface
OleGetClipboard
CoGetMalloc
CoDosDateTimeToFileTime
CoGetStdMarshalEx

user32

DrawTextA
LoadAcceleratorsA
RegisterWindowMessageA
GetWindow
SetWindowLongA
FrameRect
CallWindowProcA
TrackPopupMenuEx
GetFocus
SetCursor
RegisterClassExA
GetDlgItemTextA
GetSystemMetrics
SetClassLongA

gdi32

CreateCompatibleDC
GetTextMetricsA
RectInRegion
SelectObject
CreateSolidBrush
GetTextExtentPoint32A
GetStockObject
DeleteDC
MoveToEx
GetDeviceCaps
SetBkColor

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b569c239f8a86867c437a6f281148085

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

user32

gdi32

Sections

.text Size: 25KB - Virtual size: 24KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 984B

.text
Size: 25KB - Virtual size: 24KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 984B