1ae3e6283e1d801dc6bc7e47f9049bd8

Sharing

Copy URL Twitter E-mail

General

Target

1ae3e6283e1d801dc6bc7e47f9049bd8
Size

70KB
MD5

1ae3e6283e1d801dc6bc7e47f9049bd8
SHA1

2b5601098fbc2959f81f3736dfeee0fbec5dc555
SHA256

e2e90cabcfef715f476c7081c33dbe781e7dfb675266b55dc61c7d923b245c97
SHA512

b162acee01737ef03e6df596c05e01f77cc6dc10c1d47144404ed9c727a12ca9583cb5e62a80a805a5e07949a5edc028226f7d3ecb65854a6d66c109b1070614
SSDEEP

1536:pv6dT7u1hi1tPyBclM9wHodufJy0OWdOVnBB8OWuXJu6rx4Rv:pv6EqEulMCIdufJyhVnBB8uZ1x4d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ae3e6283e1d801dc6bc7e47f9049bd8

Files

1ae3e6283e1d801dc6bc7e47f9049bd8
.exe windows:4 windows x86 arch:x86

8e286e191446ec9e5147b353728bcecf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

GetUserNameExW

msvcrt

memset
_initterm
_amsg_exit
iswdigit
_exit
?terminate@@YAXXZ
log
_controlfp
__p__fmode
__setusermatherr
_wcmdln
_wtoi64
_initterm
_cexit
__wgetmainargs
memcpy
exit
__set_app_type
__p__commode
_XcptFilter

ole32

CoGetClassObject
OleLockRunning
OleUninitialize
CoInitializeEx
StringFromCLSID
CLSIDFromString
StringFromGUID2
CoSetProxyBlanket
CreateStreamOnHGlobal
CoCreateInstance
OleInitialize
CoInitializeSecurity
CoAllowSetForegroundWindow
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shell32

ShellExecuteW
Shell_NotifyIconW
SHGetFolderPathW
CommandLineToArgvW
FindExecutableW
SHAppBarMessage
ShellExecuteExW

ddraw

DirectDrawCreate
DirectDrawCreateEx

crypt32

CryptUnprotectData
CryptProtectData

gdi32

DeleteObject
GetStockObject
CreateSolidBrush
SelectObject
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateCompatibleBitmap
DeleteDC
GetObjectW

kernel32

InterlockedDecrement
CreateEventW
SetUnhandledExceptionFilter
HeapSetInformation
DeleteCriticalSection
TerminateProcess
HeapAlloc
LeaveCriticalSection
InitializeCriticalSection
FlushInstructionCache
ReleaseMutex
WaitForMultipleObjects
GetSystemTimeAsFileTime
CreateFileW
MulDiv
FindResourceExW
VirtualAlloc
GlobalAlloc
GlobalUnlock
GetComputerNameW
lstrcmpW
GetCurrentThreadId
HeapFree
FormatMessageW
LoadLibraryW
HeapSize
GetLastError
VirtualLock
InterlockedExchange
GlobalFree
VirtualUnlock
lstrlenW
SetEvent
InterlockedCompareExchange
RaiseException
GetThreadLocale
OpenProcess
UnhandledExceptionFilter
LoadLibraryExW
HeapDestroy
Sleep
ProcessIdToSessionId
GetACP
LockResource
LoadResource
CreateThread
lstrlenA
GetLocaleInfoW
GetModuleHandleA
LCMapStringW
SetLastError
LocalAlloc
GetProcessId
CreateMutexW
GetLocaleInfoA
IsDebuggerPresent
GlobalHandle
GetTickCount
WaitForSingleObject
GetTempPathW
MultiByteToWideChar
EnterCriticalSection
GetSystemInfo
GetSystemDirectoryW
LocalFree
GetModuleFileNameW
VirtualFree
CloseHandle
LoadLibraryA
InterlockedIncrement
GlobalLock
WideCharToMultiByte
FindResourceW
QueryPerformanceCounter
GetVersionExW
IsProcessorFeaturePresent
ResetEvent
FreeLibrary
HeapReAlloc
GetStartupInfoW
GetCurrentProcess
GetVersionExA
GetProcAddress
SizeofResource
GetModuleHandleW

gdiplus

GdipCloneImage
GdipAlloc
GdiplusStartup
GdipCreateBitmapFromFile
GdipDisposeImage
GdiplusShutdown
GdipFree
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromFileICM

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e286e191446ec9e5147b353728bcecf

Headers

File Characteristics

Imports

secur32

msvcrt

ole32

version

shell32

ddraw

crypt32

gdi32

kernel32

gdiplus

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 2KB - Virtual size: 2KB