1a001bf258ac538f0f504dba1ae591bd

Sharing

Copy URL

Twitter E-mail

General

Target

1a001bf258ac538f0f504dba1ae591bd
Size

176KB
MD5

1a001bf258ac538f0f504dba1ae591bd
SHA1

0c978777a33b9411838843ea7cf5d6452d259f6f
SHA256

863cbe3a56be49add433cbdbc6bae91efbf6ae8908eeea7954bd15e6eb9ee0ad
SHA512

15551d488b7857e8ff71504a24ae37c8f097b731fb9bd103bc2ef304100881c6daac48ac755f2277fe4aa061e024438526b5829a8deaecee8adc71cf1934cf71
SSDEEP

1536:fVc0AoqGRw4/VStspwRhAkutYYPPZ5g8Xiaw3PV1qhp2p38T63q7VoagHa:t1q54/VNkuxPPZFXiawdI2p3Va7Voa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a001bf258ac538f0f504dba1ae591bd

Files

1a001bf258ac538f0f504dba1ae591bd
.exe windows:4 windows x86 arch:x86

27b7ab26a7681d24f8a6c50b3b446edf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegDeleteKeyA
RegEnumValueW
RegDeleteValueA
RegQueryValueA
RegDeleteValueW
RegCreateKeyExA
RegEnumValueA
RegReplaceKeyW
RegOpenKeyW
RegEnumKeyA
RegQueryValueExW
RegOpenKeyExA
RegOpenKeyExW
RegGetKeySecurity
RegDeleteKeyA
RegEnumKeyA
RegReplaceKeyW
RegLoadKeyW
RegEnumKeyExW
RegQueryValueExA
RegReplaceKeyA
RegLoadKeyA
RegQueryValueExW
RegFlushKey
RegDeleteKeyW
RegOpenKeyW
RegQueryInfoKeyW
RegDeleteValueW
RegEnumValueW
RegCreateKeyExA
RegDeleteValueA
RegLoadKeyA
RegQueryInfoKeyW
RegQueryValueA
RegEnumValueW
RegDeleteValueA
RegFlushKey
RegDeleteKeyA
RegEnumKeyExW
RegEnumValueA
RegCreateKeyW
RegEnumKeyExA
RegLoadKeyW
RegEnumKeyW
RegQueryValueExW
RegDeleteValueW
RegReplaceKeyA
RegEnumKeyA

user32

IsWindow
InsertMenuA
CloseWindow
AppendMenuA
AppendMenuW
GetWindowTextLengthA
IsMenu
DrawTextA
LoadMenuA
CopyImage
CopyIcon
GetWindowTextA
DialogBoxParamW
DrawIcon
CreateIcon

comctl32

ImageList_DrawEx
ImageList_Copy
ImageList_Remove
ImageList_Merge
ImageList_DragMove
ImageList_GetImageRect
ImageList_DragLeave
ImageList_Create
ImageList_GetImageCount
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_AddIcon
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_GetDragImage
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_GetIcon

kernel32

GetFileTime
SetLastError
GetCommandLineA
CopyFileW
GetConsoleMode
GetStdHandle
OpenFileMappingA
DeleteFileA
CreateThread
GetLastError
GetFileSize
FindAtomA
CopyFileExA
GlobalFree
ReadConsoleW
ReadFile
GetComputerNameA
DeleteAtom
CopyFileExW
ReadFile
OpenFileMappingA
DeleteAtom
GetConsoleMode
Sleep
FindAtomA
GetCPInfo
CreateThread
GetCommandLineA
GetStdHandle
OpenFile
GlobalFree
CopyFileExA
ReadConsoleW
GetFileTime
DeleteFileA
CopyFileA
GetFileSize
ExitThread
CopyFileW

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: 4KB - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27b7ab26a7681d24f8a6c50b3b446edf

Headers

File Characteristics

Imports

advapi32

user32

comctl32

kernel32

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 8KB - Virtual size: 6KB

.edata Size: 4KB - Virtual size: 1KB

.bbs Size: 4KB - Virtual size: 89B

.data Size: 120KB - Virtual size: 4.6MB

.reloc Size: 4KB - Virtual size: 158B

.rdata Size: 4KB - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 8KB - Virtual size: 6KB

.edata
Size: 4KB - Virtual size: 1KB

.bbs
Size: 4KB - Virtual size: 89B

.data
Size: 120KB - Virtual size: 4.6MB

.reloc
Size: 4KB - Virtual size: 158B

.rdata
Size: 4KB - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 20KB - Virtual size: 19KB