1a4fd8d2c2ffe4fe57b15662469838ba

Sharing

Copy URL Twitter E-mail

General

Target

1a4fd8d2c2ffe4fe57b15662469838ba
Size

508KB
MD5

1a4fd8d2c2ffe4fe57b15662469838ba
SHA1

b888291b2ccf28fc0175b4e45d62a087f94253af
SHA256

ec91cc3456a109733d1eac0a49af31eec0557aa6cc9dc2b71164d77a088a5d0e
SHA512

645766fbf4f89ff98e791a8840526adab1bc3d8d191a3ce92ee28527521a7cf0d13bab8cf27e5025a7e0d71b280eea324b46dda0588510400de810fa1daccafb
SSDEEP

12288:/OlREqWcVthQtJ74+M1eLJ7IhXsMj7U4TX09H+ODJD:CRE4rQtJ74jWJ7Ih8s7N0cODJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a4fd8d2c2ffe4fe57b15662469838ba

Files

1a4fd8d2c2ffe4fe57b15662469838ba
.exe windows:4 windows x86 arch:x86

12a74ee93ae2cfcb3c31072ea46ac955

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseFontA
PrintDlgW
ReplaceTextA

gdi32

SetTextAlign
GetCharWidthFloatA
GetCharWidth32W
CombineRgn
GetTextExtentPoint32W
GetTextCharsetInfo
CreateBitmapIndirect
FrameRgn
CloseMetaFile
SaveDC
GetTextCharset
GetCharacterPlacementW
GetFontData
DescribePixelFormat
CreateEnhMetaFileA
SelectPalette
SetMetaFileBitsEx
ResetDCA
EnumFontsW
GetTextExtentExPointW
PtInRegion
Chord
SelectObject

wininet

GopherGetAttributeA
GopherFindFirstFileW
InternetCanonicalizeUrlA

comctl32

InitCommonControlsEx

user32

RegisterClassA
WindowFromDC
RegisterClassExA
UnpackDDElParam

shell32

ShellExecuteExA
DuplicateIcon
DragQueryFile

kernel32

VirtualQuery
CreateMutexA
CompareStringW
VirtualFree
GetLocaleInfoA
GetEnvironmentStrings
GetVersionExA
HeapDestroy
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
TlsSetValue
GetCommandLineW
GetModuleFileNameA
GetCurrentProcessId
GetTickCount
GetSystemTimeAsFileTime
GetCommandLineA
FreeEnvironmentStringsA
VirtualProtect
VirtualAlloc
MultiByteToWideChar
LeaveCriticalSection
GetCurrentThread
EnumSystemLocalesA
GetStringTypeW
GetCurrentThreadId
GetTimeFormatA
UnhandledExceptionFilter
QueryPerformanceCounter
FillConsoleOutputAttribute
TlsGetValue
GetOEMCP
HeapCreate
TerminateProcess
GetStartupInfoA
SetLastError
LoadLibraryA
SetStdHandle
SetFileAttributesW
EnterCriticalSection
GetDateFormatA
GetStdHandle
InterlockedExchange
FreeEnvironmentStringsW
HeapFree
OpenMutexA
SetFilePointer
FlushFileBuffers
GetStartupInfoW
CompareStringA
HeapAlloc
HeapSize
RtlUnwind
WideCharToMultiByte
IsValidLocale
SetEnvironmentVariableA
GetFileType
ReadFile
GetLastError
TlsFree
SetHandleCount
LCMapStringW
GetSystemInfo
HeapReAlloc
TlsAlloc
GetModuleFileNameW
IsValidCodePage
GetConsoleCursorInfo
GetCurrentProcess
GetExitCodeProcess
WriteFile
GetUserDefaultLCID
CloseHandle
GetACP
GetStringTypeA
GetEnvironmentStringsW
GetTimeZoneInformation
GetModuleHandleA
IsBadWritePtr
LCMapStringA
GetLocaleInfoW
ExitProcess
GetCPInfo

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12a74ee93ae2cfcb3c31072ea46ac955

Headers

File Characteristics

Imports

comdlg32

gdi32

wininet

comctl32

user32

shell32

kernel32

Sections

.text Size: 344KB - Virtual size: 343KB

.rdata Size: 42KB - Virtual size: 52KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 344KB - Virtual size: 343KB

.rdata
Size: 42KB - Virtual size: 52KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 16KB - Virtual size: 15KB