1b1f7f4f73903bd01572d547375679e3

Sharing

Copy URL Twitter E-mail

General

Target

1b1f7f4f73903bd01572d547375679e3
Size

592KB
MD5

1b1f7f4f73903bd01572d547375679e3
SHA1

90d5e95a8b57739a28169397ca0b8a59dc230167
SHA256

eaa7b71a63af5625809c7529d0013d6f25847aae4fb9f14d34b72b029dce8607
SHA512

325d8305f0665f0ee53882d4cec032b01c04588e5f6c4d206077d6882e45ad2a7da67cb91b8a794db61618cf55a676675750d6826d184432dc69ac3ef3e9ef60
SSDEEP

12288:M/aanhbAmiVVH4IIqX9ygCXBev8BRd2nI5FM32:mhPZaN5CMv8E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b1f7f4f73903bd01572d547375679e3

Files

1b1f7f4f73903bd01572d547375679e3
.exe windows:4 windows x86 arch:x86

976f5f0aad2050da014ff05be1ed31c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcW
SwapMouseButton
CharToOemW
OemKeyScan
SetWindowWord
GetKeyboardLayoutList
SetWindowTextW
FillRect
GetCapture
DestroyWindow
GetQueueStatus
UnregisterClassA
AppendMenuA
SystemParametersInfoA
DrawStateW
GetLastActivePopup
CopyImage
DialogBoxIndirectParamW
DlgDirSelectComboBoxExW
SetMenuItemInfoA
BeginPaint
GetKeyNameTextA
CopyAcceleratorTableW
DrawIconEx
CreateMDIWindowW
EnumPropsW
LoadStringW
ShowWindow
DrawMenuBar
ToAscii
MessageBoxA
DeleteMenu
IsCharAlphaNumericA
SetDlgItemTextA
FindWindowW
SetWinEventHook
IsDialogMessageA
EnumDisplayDevicesW
SetSystemCursor
OffsetRect
AnimateWindow
RegisterClassA
LoadCursorW
EnumWindowStationsW
CreateDialogIndirectParamW
RegisterClassExA
OemToCharW
WINNLSGetIMEHotkey
wvsprintfW
GetClipboardViewer
GetWindowTextLengthA
GetSysColor
EnableScrollBar
EnumDisplayMonitors
TabbedTextOutA
GetKeyState
InsertMenuW
OpenIcon
SetClassLongA
MoveWindow
ToAsciiEx
GetKeyNameTextW
CreateWindowExA
CallMsgFilterA
FreeDDElParam
DestroyIcon

wininet

HttpAddRequestHeadersW
GetUrlCacheEntryInfoExA
InternetQueryOptionW
InternetConfirmZoneCrossingA

advapi32

CryptVerifySignatureW
RegCloseKey
InitiateSystemShutdownA
CryptAcquireContextW
CryptAcquireContextA
CryptVerifySignatureA
RegOpenKeyExW
RegLoadKeyA
CryptContextAddRef
RegReplaceKeyW
RegSaveKeyW
RegEnumValueW
RegOpenKeyW

kernel32

SetFilePointer
EnumResourceTypesA
lstrcatW
GetStdHandle
HeapAlloc
SetStdHandle
lstrcmpiA
InitializeCriticalSection
GetVersionExA
VirtualQuery
TlsFree
ReadFile
GetDateFormatA
MultiByteToWideChar
GetConsoleOutputCP
UnhandledExceptionFilter
CloseHandle
GetTimeFormatA
GetFileType
GetCPInfo
IsBadWritePtr
SetLastError
IsValidCodePage
GetLocaleInfoA
FreeEnvironmentStringsA
GetOEMCP
TlsSetValue
ExitProcess
FlushFileBuffers
CreateMutexA
GetStringTypeA
GetSystemInfo
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
VirtualFree
LCMapStringW
GetLastError
GetEnvironmentStrings
DeleteCriticalSection
GetStartupInfoA
CompareStringW
InterlockedExchange
CompareStringA
EnumSystemLocalesA
VirtualProtect
GetUserDefaultLCID
GetTimeZoneInformation
TlsGetValue
WideCharToMultiByte
GetTickCount
HeapDestroy
RtlUnwind
GetACP
FreeEnvironmentStringsW
HeapSize
HeapReAlloc
TlsAlloc
WriteFile
GetStringTypeW
GetModuleHandleA
LeaveCriticalSection
GetCommandLineA
HeapCreate
GetEnvironmentStringsW
TerminateProcess
GetLocaleInfoW
GetProcAddress
OpenMutexA
GetCurrentThread
EnterCriticalSection
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetHandleCount
HeapValidate
LCMapStringA
LoadLibraryA
IsValidLocale
GetCurrentProcessId
HeapFree
VirtualAlloc
QueryPerformanceCounter
GetThreadLocale

gdi32

GdiFlush
GetRandomRgn
GetDeviceCaps
DeleteDC
GetFontData
MoveToEx
StretchBlt
SetBrushOrgEx
CreateDCA
PtInRegion
GetObjectA
DeleteObject
CreateMetaFileA
SelectClipPath
ScaleWindowExtEx
SelectObject

comdlg32

FindTextA
GetFileTitleA

comctl32

CreateToolbarEx
ImageList_SetDragCursorImage
ImageList_AddIcon
ImageList_SetImageCount
ImageList_GetImageCount
DrawStatusText
ImageList_ReplaceIcon
CreateToolbar
CreateStatusWindow
ImageList_Create
ImageList_Read
_TrackMouseEvent
ImageList_GetImageRect
ImageList_Copy
InitCommonControlsEx
ImageList_GetDragImage
ImageList_SetOverlayImage
InitMUILanguage
CreatePropertySheetPageW
ImageList_GetIconSize
CreatePropertySheetPageA
ImageList_SetIconSize
CreateUpDownControl
ImageList_GetImageInfo
ImageList_GetIcon

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

976f5f0aad2050da014ff05be1ed31c7

Headers

File Characteristics

Imports

user32

wininet

advapi32

kernel32

gdi32

comdlg32

comctl32

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 112KB - Virtual size: 127KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 112KB - Virtual size: 127KB

.rsrc
Size: 48KB - Virtual size: 47KB