1b1e952587cd548ba546683ef010d543

Sharing

Copy URL Twitter E-mail

General

Target

1b1e952587cd548ba546683ef010d543
Size

140KB
MD5

1b1e952587cd548ba546683ef010d543
SHA1

2a89294afea503614a426e3e46271dc77693bf38
SHA256

46d26a14afa774a8820edcf2c0af9ce07232cfabd6a85089b1f96b3d94a202ae
SHA512

f2e2dba708c11b4cf4a6eec4d0b11527bc6685587a561cffd823c3f0f90efa3a0b902a5c059d9b152e88d50367e066e9ea3d1ba72768a0cf8160c2bcc39c5ff3
SSDEEP

3072:DdlvwQqm3hYqKqWl1a+dJuFJXSrm1YarWdXKFbscbJv:h9om3hYqKj1BJWXEm1YvcNsO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b1e952587cd548ba546683ef010d543

Files

1b1e952587cd548ba546683ef010d543
.exe windows:5 windows x86 arch:x86

767a85c499654f3bed116d42cc8e5a35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextW
SetWindowPlacement
EnumWindows
SetRect
ScrollWindowEx
IntersectRect
OemToCharA
SwitchToThisWindow
WindowFromPoint
RegisterClassA
RegisterWindowMessageA
GetClassInfoExA
GetCursorPos
ActivateKeyboardLayout
GetKeyboardLayoutNameW
ToUnicodeEx
MapWindowPoints
SendMessageTimeoutA
OemToCharBuffA
LoadImageW
GetWindowLongW
IsWindowUnicode
CreateWindowExW
ScrollWindow
DefWindowProcW
DrawEdge
GetMenu
GetWindowDC
FrameRect
CopyImage
IsZoomed
FillRect
GetWindowTextW
SetScrollRange
PostMessageA
TileWindows
PostMessageW
CharToOemW
wsprintfA
ChildWindowFromPoint
GetDlgItemTextA
ValidateRect
GetMenuItemID
WaitForInputIdle
LoadMenuA
DestroyIcon
DispatchMessageW
DispatchMessageA
GetClassInfoW
ReplyMessage
SetWindowLongW
CreateIconFromResource
SetWindowLongA
GetScrollRange
CreateDialogParamW
CharPrevA
IsCharLowerA
ShowOwnedPopups
GetClassNameW
LockWindowUpdate
RegisterWindowMessageW
DefDlgProcW
SetMenu
GetMenuItemCount
DestroyAcceleratorTable
GetUserObjectInformationA
GetMenuCheckMarkDimensions
ShowCursor
GetSysColor
SetDlgItemInt
DrawIconEx
ScreenToClient
GetClassInfoA
CallWindowProcA
ExitWindowsEx
InvalidateRect
GetMessageW
GetMenuItemInfoW
CheckDlgButton
GetDlgItemInt
GetClassLongA
DefDlgProcA
DefWindowProcA
CharToOemBuffA
LoadCursorW
GetWindowRect
ShowWindow
GetDC
CharToOemA
SetDlgItemTextA
IsCharAlphaA
CreateIconIndirect
GetWindowPlacement
GetCaretPos
CreateWindowExA
SetClassLongW
BeginDeferWindowPos
ShowCaret
DrawTextExW
SendMessageA
GetNextDlgGroupItem
GetClientRect
IsCharUpperA
GetSystemMenu
keybd_event
SetForegroundWindow
ClipCursor
BringWindowToTop
EnableScrollBar
AppendMenuW
GetForegroundWindow
CreateAcceleratorTableW
RegisterClassExW
LookupIconIdFromDirectory
OpenInputDesktop
CheckRadioButton
GetMonitorInfoW
GetClassLongW
SetScrollInfo
DrawFrameControl
DrawTextA
mouse_event
GetUpdateRgn

kernel32

FindNextFileA
GetStartupInfoA
SetLocalTime
ConvertDefaultLocale
SystemTimeToFileTime
UnmapViewOfFile
SetEndOfFile
LCMapStringW
SearchPathW
SuspendThread
GlobalFlags
SizeofResource
CallNamedPipeW
GlobalAddAtomW
AreFileApisANSI
GetComputerNameW
HeapAlloc
LocalLock
lstrcatW
GetLocalTime
CreateSemaphoreA
SetThreadAffinityMask
CreatePipe
GetShortPathNameA
GetNumberFormatA
GetHandleInformation
GetComputerNameA
SetCommBreak
GetShortPathNameW
GetStdHandle
DeleteFileA
GetFileType
CloseHandle
GetSystemDirectoryA
EnumResourceTypesA
GetBinaryTypeA
EnumResourceNamesA
CreateFileA
VirtualQuery
GlobalGetAtomNameW
SetThreadExecutionState
HeapFree
GetProcessHeap
SetFileAttributesW
GetCurrentThreadId
lstrlenA
MapViewOfFile
GetCommState
GetOEMCP
SetFileApisToOEM
InitializeCriticalSection
LoadLibraryExA
GetOverlappedResult
SearchPathA
GetFileSize
GetModuleFileNameA
CopyFileA
GetTickCount

shlwapi

PathIsUNCW

msvcrt

_controlfp
fgetc
swprintf
iswdigit
__set_app_type
gmtime
clearerr
strrchr
strerror
__p__fmode
getc
__p__commode
strspn
iswctype
fputs
iswspace
atoi
strchr
clock
exit
wcsncpy
ftell
wcscat
_amsg_exit
ungetc
_initterm
_ismbblead
localtime
wcsstr
fwrite
_XcptFilter
fflush
wcscmp
fgets
memset
wcsncmp
malloc
_exit
wcschr
_cexit
fprintf
wcstod
time
isspace
isupper
islower
__setusermatherr
__getmainargs

Exports

Exports

?CalculateStringCapacity@@YGKDDPAX:O

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.align
Size: 1KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.date
Size: 512B - Virtual size: 99B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dati
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.char
Size: 1024B - Virtual size: 717B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

767a85c499654f3bed116d42cc8e5a35

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.align Size: 1KB - Virtual size: 124KB

.date Size: 512B - Virtual size: 99B

.dati Size: 6KB - Virtual size: 5KB

.char Size: 1024B - Virtual size: 717B

.odata Size: 13KB - Virtual size: 13KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 104KB - Virtual size: 103KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.align
Size: 1KB - Virtual size: 124KB

.date
Size: 512B - Virtual size: 99B

.dati
Size: 6KB - Virtual size: 5KB

.char
Size: 1024B - Virtual size: 717B

.odata
Size: 13KB - Virtual size: 13KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 104KB - Virtual size: 103KB

.reloc
Size: 2KB - Virtual size: 1KB