1a34cff239dcc4f87423224b2c11a254

Sharing

Copy URL Twitter E-mail

General

Target

1a34cff239dcc4f87423224b2c11a254
Size

250KB
MD5

1a34cff239dcc4f87423224b2c11a254
SHA1

b48e8687b97381e9fcec8b3506e466509b68c455
SHA256

db37e5de44f7949a5bb2fcd3bf24817c5c6f2b292e62400d620f4d6c0bd2ba66
SHA512

e5a969bf4ee0379dbc5bacec609abee8c7ac84120e1f8b972b08bb624128a3711bc071e0c3de9f5f5d06cbd2033ab06db92984ab02d3d543d239a6b0aabfa1cf
SSDEEP

6144:Al8yGvzzkWbq6XrxTZ3YJgxs/zgyZDNgG1e6cGM+ErxpaDmCuTpV:9j7Pbq67dtxs/zgyZDNgGzaV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a34cff239dcc4f87423224b2c11a254

Files

1a34cff239dcc4f87423224b2c11a254
.exe windows:4 windows x86 arch:x86

16aea9376c204ac989bff84e48b4c4b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
sprintf
strlen
memcpy
strcpy
strcat
strncpy
fread
memcmp
abs
pow
longjmp
malloc
free
strtod
calloc
fopen
fseek
fclose
strcmp
strncmp
_open_osfhandle
_fdopen
setvbuf
getenv
sscanf
localtime
mktime
vfwprintf
vfprintf
vswprintf
vsprintf
wcslen
memchr
wcscpy
wcscat
wcsncpy
swprintf
_getcwd
toupper
tolower
strchr
fprintf
fgets
printf
feof
time
ctime
_fileno
_isatty
exit
fwrite
system
bsearch
qsort
memmove
signal
floor
_setjmp
_isnan
_lseek
_close
_fstat
_open
_read
_write

kernel32

GetModuleHandleA
HeapCreate
SetCurrentDirectoryA
HeapDestroy
ExitProcess
GetCurrentThreadId
Sleep
GlobalLock
GlobalUnlock
WriteFile
HeapFree
CloseHandle
CreateFileA
HeapAlloc
ReadFile
SetFilePointer
GetFileSize
MulDiv
GetCurrentProcessId
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
GetTickCount
InitializeCriticalSection
LoadLibraryA
HeapReAlloc
AllocConsole
SetConsoleTitleA
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetEnvironmentVariableA
WaitForSingleObject
GetCurrentProcess
GetCurrentThread
DuplicateHandle
DeleteCriticalSection
CreateThread
IsBadReadPtr
GetLocalTime
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
SuspendThread
LeaveCriticalSection
ResumeThread
GetCommandLineA
GetEnvironmentStringsA
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
TerminateThread
GetLastError
SetLastError
CreateFileW

ole32

RevokeDragDrop

gdi32

StartDocA
GetMapMode
SetMapMode
GetDeviceCaps
DPtoLP
StartPage
EndPage
EndDoc
GetObjectType
GetStockObject
CreateDCA
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDIBits
DeleteObject
GetObjectA
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateDIBSection
SetDIBits

comdlg32

PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
ChooseFontA

comctl32

CreateToolbarEx
ImageList_ReplaceIcon
ImageList_Add
CreateStatusWindowA
InitCommonControls
InitCommonControlsEx

user32

SendMessageA
DispatchMessageA
GetMessageA
PostMessageA
TranslateMessage
SetRect
OpenClipboard
CountClipboardFormats
EnumClipboardFormats
GetClipboardFormatNameA
GetClipboardData
CloseClipboard
IsWindow
GetParent
SetPropA
DestroyWindow
GetPropA
GetCapture
ReleaseCapture
CallWindowProcA
CreateWindowExA
SetWindowPos
LoadIconA
SetWindowLongA
GetClientRect
InvalidateRect
MessageBoxA
EnableWindow
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
UnregisterClassA
DefWindowProcA
LoadCursorA
RegisterClassExA
IsWindowEnabled
GetSystemMetrics
SetFocus
CreateAcceleratorTableA
SetForegroundWindow
BringWindowToTop
TranslateAcceleratorA
DestroyAcceleratorTable
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
GetSysColorBrush
DrawIconEx
DestroyIcon
LoadImageA
GetIconInfo
GetPropW
SetWindowTextA
GetWindowLongW
RemovePropW
CallWindowProcW
SetWindowLongW
SetPropW
SendMessageW
RemovePropA
GetWindowRect
ScreenToClient
PeekMessageA
GetWindow
SetActiveWindow
RegisterClassA
AdjustWindowRect
GetActiveWindow
ShowWindow
GetMenu
SetCursorPos
SetCursor
SystemParametersInfoA
GetKeyState
SetCapture
GetCursorPos
MapWindowPoints
MoveWindow
FillRect
EnumChildWindows
MsgWaitForMultipleObjects
GetFocus
IsChild
GetClassNameA
PostThreadMessageA

Sections

.code
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 11B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flat
Size: 1024B - Virtual size: 822B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

16aea9376c204ac989bff84e48b4c4b5

Headers

File Characteristics

Imports

crtdll

kernel32

ole32

gdi32

comdlg32

comctl32

user32

Sections

.code Size: 19KB - Virtual size: 19KB

.text Size: 179KB - Virtual size: 178KB

.rdata Size: 512B - Virtual size: 11B

.data Size: 48KB - Virtual size: 153KB

.rsrc Size: 1024B - Virtual size: 736B

.flat Size: 1024B - Virtual size: 822B

.code
Size: 19KB - Virtual size: 19KB

.text
Size: 179KB - Virtual size: 178KB

.rdata
Size: 512B - Virtual size: 11B

.data
Size: 48KB - Virtual size: 153KB

.rsrc
Size: 1024B - Virtual size: 736B

.flat
Size: 1024B - Virtual size: 822B