1ae9e3f296d3c717e9e82a7875365db3

Sharing

Copy URL Twitter E-mail

General

Target

1ae9e3f296d3c717e9e82a7875365db3
Size

36KB
MD5

1ae9e3f296d3c717e9e82a7875365db3
SHA1

edcc2c1f54cea9f7e27e1fafb9b58984eee323b2
SHA256

441d3cb60d3a3584b63e042b3d8e1ebff7442480557a4a3639ae7c7c5a324405
SHA512

17446e0c190307bf3b09f7d8ad49253ed7c031de932f9ac7b61becf5406bc99ef875f8e72d7d5a29328e81d9acd1958504f6590087c213b59e9da81f68b5949a
SSDEEP

768:T4yJh4t0A6qIRfdcc9n5X1g4WsgQEIrRZddiACaH:Eyz4t03qI1tjWsgQEIFYABH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ae9e3f296d3c717e9e82a7875365db3

Files

1ae9e3f296d3c717e9e82a7875365db3
.dll windows:1 windows x86 arch:x86

2b6fdf6dda907ffa4485d88ced5fbb33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
ClearCommError
CreateIoCompletionPort
DebugActiveProcess
EnterCriticalSection
EraseTape
ExitProcess
FindCloseChangeNotification
FreeEnvironmentStringsW
GetCPInfoExW
GetCommMask
GetCommState
GetComputerNameA
GetComputerNameW
GetConsoleAliasExesLengthW
GetConsoleInputWaitHandle
GetEnvironmentVariableW
GetFileSize
GetLastError
GetModuleFileNameA
GetOEMCP
GetPrivateProfileStructA
GetProcessHeap
GetProfileIntW
GetProfileSectionA
GetStringTypeExA
HeapCreate
HeapLock
IsBadStringPtrA
IsDBCSLeadByteEx
LoadLibraryW
LocalUnlock
OpenEventA
OpenFile
OpenSemaphoreW
ReadFileScatter
ResetEvent
RtlFillMemory
SetConsoleTitleA
Sleep
VerLanguageNameW
VirtualProtect
WriteConsoleInputW
lstrcmpA
lstrcmpiA

user32

ChangeClipboardChain
CheckDlgButton
DlgDirListComboBoxA
DrawFrame
EndDialog
EnumDisplayMonitors
EnumWindows
GetAltTabInfoA
GetAncestor
GetClassWord
GetDC
GetDCEx
GetKBCodePage
GetKeyboardType
GetMenuContextHelpId
GetMenuState
GetTopWindow
GetWindowTextLengthW
InsertMenuW
IsCharAlphaA
IsDlgButtonChecked
IsWindowUnicode
RegisterClassExW
RegisterDeviceNotificationW
ReleaseDC
SendDlgItemMessageW
SendNotifyMessageA
SetDoubleClickTime
SetForegroundWindow
SetMenuItemBitmaps
SetUserObjectInformationA
ToUnicode
TranslateAcceleratorA
wsprintfA

gdi32

AbortPath
CreateFontA
GdiComment
GetBitmapBits
GetBitmapDimensionEx
GetCharABCWidthsFloatA
GetClipBox
GetClipRgn
GetCurrentObject
GetDIBColorTable
GetMetaFileA
GetPath
GetPixel
GetPixelFormat
GetTextCharacterExtra
GetTextFaceA
GetTextFaceW
OffsetWindowOrgEx
PolyPolygon
ResetDCW
SaveDC
SetGraphicsMode
SetWinMetaFileBits

msvcrt

_clearfp
_ctype
_getcwd
_setsystime
_snwprintf
_strlwr
_wspawnle
setbuf
strlen
tmpfile
wcstod
wcstol

Exports

Exports

CtbrvsH
ENbtmjbG
EwZDuxlkhrzixFA
FmrzhjqFaejLSE
GfVvAtHrfxfkqoidl
HTGnssagsiretyTq
Hutgxzs
OcYucyCpeOvbbewx
PNedfdGzhny
SpKIfRO
TLeFww
UiSiwJaDLnwrrTdKgh
VjOccPlQgc
YdwdeiPIvNxhdweuV
YegGMbsixTpwEOh

Sections

.text
Size: 9KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 512B - Virtual size: 401B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b6fdf6dda907ffa4485d88ced5fbb33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 84KB

.data Size: 23KB - Virtual size: 34KB

.fdata Size: 512B - Virtual size: 401B

.rsrc Size: 1024B - Virtual size: 784B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 84KB

.data
Size: 23KB - Virtual size: 34KB

.fdata
Size: 512B - Virtual size: 401B

.rsrc
Size: 1024B - Virtual size: 784B

.reloc
Size: 2KB - Virtual size: 1KB