1b06e655d9f7543a33a71ed82d7396e6

Sharing

Copy URL Twitter E-mail

General

Target

1b06e655d9f7543a33a71ed82d7396e6
Size

395KB
MD5

1b06e655d9f7543a33a71ed82d7396e6
SHA1

1047370f6a32981a5092adef25264cb9f3ccfd94
SHA256

e23274781edf3a07d1975f6975ea4ba617b2bd2b199328a713c69f44cbee101c
SHA512

e45db3bcd07364f43bb9f37d846a72b6655142f954e493e62857a5f2bfc56c56b72bc70c122724dcf059d03801cb273a95470dc48dc32a1ad28b8d93c7233779
SSDEEP

6144:lAvYFy18RsKxy6psjXvb0+ishpaD8Wjg8fmV/z5GGaondU9WHIcFIfXUVDJTHLka:yNQOvb1dhpaD9jgimB9d5ocFcnkfBH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b06e655d9f7543a33a71ed82d7396e6

Files

1b06e655d9f7543a33a71ed82d7396e6
.exe windows:4 windows x86 arch:x86

793d4cac2e2e34cee1c5ee22c7328d5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogW
InitializeCriticalSection
DebugBreak
WaitForMultipleObjects
GetLastError
GetConsoleTitleW
HeapAlloc
LoadLibraryA
GetProcessAffinityMask
GetCommandLineA
GetTempFileNameA
EnumResourceTypesA
GetProfileSectionA
lstrlenW
InterlockedExchange
VirtualFree
ReadFile
GetVersion
HeapCreate
GetPrivateProfileSectionNamesA
FreeEnvironmentStringsW
EnterCriticalSection
HeapDestroy
FreeEnvironmentStringsA
CopyFileA
MultiByteToWideChar
GetEnvironmentStringsW
GetStdHandle
GetProcAddress
GetDateFormatW
GetStartupInfoA
HeapFree
SetConsoleActiveScreenBuffer
DeleteCriticalSection
CreateSemaphoreW
SetHandleCount
VirtualQuery
WriteFileEx
SetLastError
GetSystemTimeAsFileTime
VirtualProtectEx
TlsAlloc
SetTimeZoneInformation
GetFileType
HeapReAlloc
WriteFile
ExitProcess
GetEnvironmentStrings
ExitThread
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
TlsSetValue
GetModuleHandleA
GetCommandLineW
TlsFree
TlsGetValue
GetCurrentThreadId
RtlUnwind
IsBadWritePtr
GetStartupInfoW
GetCurrentThread
GetCurrentProcessId
GetModuleFileNameA
UnhandledExceptionFilter
VirtualLock
GetModuleFileNameW
GetTickCount
LeaveCriticalSection

shell32

DragQueryFileAorW
SHGetSpecialFolderPathA
ExtractAssociatedIconExW
SHFileOperation

comdlg32

ChooseColorA
ChooseColorW
LoadAlterBitmap
ReplaceTextA
PrintDlgA
ReplaceTextW
GetFileTitleA
GetOpenFileNameA
FindTextW
PageSetupDlgA
PrintDlgW
GetSaveFileNameA
GetSaveFileNameW
ChooseFontW
PageSetupDlgW
GetOpenFileNameW
ChooseFontA

gdi32

EnumICMProfilesA
Chord
GetStockObject
SetROP2
ChoosePixelFormat
GetLogColorSpaceW
GetMapMode
ScaleViewportExtEx
GetClipBox
ColorCorrectPalette
PlayEnhMetaFileRecord
GetICMProfileW
ExtSelectClipRgn

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

793d4cac2e2e34cee1c5ee22c7328d5e

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

gdi32

Sections

.text Size: 118KB - Virtual size: 117KB

.data Size: 266KB - Virtual size: 274KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 118KB - Virtual size: 117KB

.data
Size: 266KB - Virtual size: 274KB

.rsrc
Size: 10KB - Virtual size: 10KB