1ac2e7f29f9b8446b10d407964caf810

Sharing

Copy URL

Twitter E-mail

General

Target

1ac2e7f29f9b8446b10d407964caf810
Size

88KB
MD5

1ac2e7f29f9b8446b10d407964caf810
SHA1

f3455cf3ee403d86f081d94dcebdbe2905fe8a80
SHA256

863813a08b0481e634f9350f8cb43cc7689ea826c519d8abb7b8170da8119e7e
SHA512

eb9d0835d9b2bdcff37a3d5fe7cb1e4548000b717a9e46299f925437536f94dbe95f3ca6f28ea9d63ce324dd156cffc965cf29514cdb28c329e036c1e6b57bfb
SSDEEP

1536:UsU4vytMYdj+7W7+h4jPPhjwUf1Bl9i9l4jo3aHa3IbWkL:lU661WWyh4jPPhsW1Bl9wL6U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ac2e7f29f9b8446b10d407964caf810

Files

1ac2e7f29f9b8446b10d407964caf810
.dll windows:4 windows x86 arch:x86

f31d779fff759d85e945278a8c4af647

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RegisterWaitForSingleObject
ReadDirectoryChangesW
ActivateActCtx
GlobalFree
GetTapeParameters
FileTimeToSystemTime
SetConsoleTextAttribute
TransmitCommChar
ClearCommError
DeleteTimerQueueEx
GetProfileIntW
HeapCompact
LCMapStringA
IsWow64Process
BeginUpdateResourceA
DeleteTimerQueue
SetFileAttributesA
TryEnterCriticalSection
SystemTimeToTzSpecificLocalTime
GetLargestConsoleWindowSize
GetCalendarInfoW
BackupWrite
CreateEventA
SetCommTimeouts
lstrcpyW
CreateFileW
lstrcmpW
GetSystemTime
ReadProcessMemory
FindNextFileW
CreateNamedPipeW
GetTempPathW
ExpandEnvironmentStringsA
GetComputerNameExW
GetVolumeInformationW
VirtualUnlock
GetComputerNameW
HeapDestroy
VirtualAlloc
LocalHandle
GetQueuedCompletionStatus
OpenJobObjectW
FindActCtxSectionStringW
IsBadStringPtrW
FormatMessageW
OpenEventW
HeapCreate
PurgeComm
VerLanguageNameW
WriteProfileStringA
SetEvent
GetOverlappedResult
IsValidLanguageGroup
SetEnvironmentVariableW
GetCommProperties
AssignProcessToJobObject
GetCommModemStatus
AddRefActCtx
SetCommBreak
SearchPathW
GetExitCodeThread
IsProcessorFeaturePresent
GetProfileIntA
FindCloseChangeNotification
EnumResourceNamesA
lstrcpynW
SystemTimeToFileTime
FindResourceExW
GetVolumePathNamesForVolumeNameW
EnumResourceLanguagesW
GetFullPathNameA
SetProcessShutdownParameters
MultiByteToWideChar
LocalLock
FindAtomW
FindFirstFileExW
CompareStringW
LockResource
TerminateThread
VirtualQuery
GetProcessHeap
MapViewOfFile
HeapFree
GetModuleFileNameA
InterlockedCompareExchange
CreateDirectoryA
LocalFree
GetTickCount
HeapAlloc
SetLastError
GetProcAddress
GetComputerNameA
EnumSystemLocalesA
LoadLibraryA

ole32

GetRunningObjectTable
OleRegGetMiscStatus
OleRegEnumVerbs
OleInitialize
CreateFileMoniker
FreePropVariantArray
StgIsStorageILockBytes
OleCreateLinkToFile
CreateILockBytesOnHGlobal
CoRevertToSelf
CoAddRefServerProcess
BindMoniker
CreatePointerMoniker
CreateGenericComposite
ReadFmtUserTypeStg
StgIsStorageFile
CoUninitialize
MkParseDisplayName

shlwapi

PathRemoveExtensionW
StrCatW
PathFindFileNameW
PathRenameExtensionW
StrStrW
PathParseIconLocationW
PathGetArgsW
PathCommonPrefixW
PathIsPrefixW
PathAddBackslashA
PathStripToRootW
PathFindExtensionW
PathIsURLW
StrStrIW
AssocCreate

shell32

SHFileOperationA
ShellAboutA
SHSetLocalizedName
SHCreateShellItem
ShellExecuteA
SHGetFolderPathAndSubDirW
SHGetFileInfoW

gdi32

ModifyWorldTransform
CreateDCW
GetTextCharset
GetSystemPaletteEntries
GetMapMode
RoundRect
PolyBezier
DeleteMetaFile
ScaleWindowExtEx
GetDIBits
CreateEnhMetaFileA
RealizePalette
SetMapMode
CreateDiscardableBitmap
EnumFontFamiliesExW
CreateICW
PlayEnhMetaFile
DeleteObject
Arc
GetCharWidthA
CreatePenIndirect
SetTextColor
GetViewportExtEx
GetDCOrgEx
ExtCreatePen
ResetDCA
GetTextCharsetInfo
SetColorAdjustment
CreateDIBitmap
SetTextAlign
CreateCompatibleDC
GetBkMode
CreatePolygonRgn
OffsetViewportOrgEx
AbortPath
ResizePalette
CreatePen

Exports

Exports

confcrt32

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f31d779fff759d85e945278a8c4af647

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB