1b2f28d97574df133a2e330e1baeec8a

Sharing

Copy URL Twitter E-mail

General

Target

1b2f28d97574df133a2e330e1baeec8a
Size

76KB
MD5

1b2f28d97574df133a2e330e1baeec8a
SHA1

0105cb62462ffcd4610235bdbf4d7981672a25d0
SHA256

19cbbcfb30c6f33985797f7f6ead4d72837d7c7cf2ab2e39755eaf34febb8d23
SHA512

20086e861bd704f4425b184463b545b6802a801df785df4abd70e62e2dd2f1005af0788300ddc45eff99825f7ec8f62848339f31dd6bcd42dd9dd2840cefe1d8
SSDEEP

768:1Q+HYkZN8fMUjXtqClZ5uZYAOvE9XXzSanp9v7UTro5t8wNqnAm:S1kZN8BXtZLwYAUqX/STro3TqnAm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b2f28d97574df133a2e330e1baeec8a

Files

1b2f28d97574df133a2e330e1baeec8a
.exe windows:4 windows x86 arch:x86

be3680a50e7fee0363fdf882c3e3e9ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
lstrcpynA
LocalFree
FormatMessageA
GetLastError
CreateFileA
GetFileSize
lstrcmpiA
ReadFile
SetFilePointer
WriteFile
DeleteFileA
FindClose
FindNextFileA
GetDateFormatA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
lstrcmpA
SetCurrentDirectoryA
ReleaseMutex
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
SetLastError
GetDriveTypeA
LoadLibraryA
GetProcAddress
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringA
GetCPInfo
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetCurrentProcess
TerminateProcess
WideCharToMultiByte
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapFree
CloseHandle
GetFullPathNameA
lstrcpyA
GetCurrentThreadId
CompareStringW
GetCurrentDirectoryA

user32

ReleaseDC
GetDC
GetClassInfoA
RegisterClassA
CreateWindowExA
GetClientRect
MapDialogRect
SetDlgItemInt
DefWindowProcA
GetParent
PostMessageA
KillTimer
SendMessageA
SetWindowPos
SystemParametersInfoA
GetWindowRect
IsWindowVisible
UnhookWindowsHookEx
MessageBoxA
SetWindowsHookExA
GetWindowLongA
wvsprintfA
wsprintfA
SetTimer
GetDlgItem
MessageBeep
DestroyWindow
GetDialogBaseUnits
GetDlgItemInt
FindWindowA
SetForegroundWindow
UnregisterClassA
WinHelpA
DestroyIcon
LoadIconA
SetClassLongA
GetSystemMenu
AppendMenuA
MoveWindow
SetWindowLongA
CreateDialogParamA
GetDlgItemTextA
EnableWindow
SendDlgItemMessageA
EndDialog
SetDlgItemTextA
InvalidateRect
GetWindowTextA
SetWindowTextA
ShowWindow
DialogBoxParamA

gdi32

LPtoDP
GetTextExtentPoint32A

shell32

Shell_NotifyIconA
SHBrowseForFolderA
SHGetPathFromIDListA

advapi32

RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

wsock32

WSACleanup
WSAStartup
gethostname
WSAAsyncGetHostByName
sendto
gethostbyname
connect
recvfrom
WSAGetLastError
inet_addr
ioctlsocket
closesocket
send
ntohs
recv
WSAAsyncSelect
socket
htons
bind

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be3680a50e7fee0363fdf882c3e3e9ab

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

wsock32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 12KB - Virtual size: 43KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 12KB - Virtual size: 43KB