1b549ddef027981322f9626d66410de9

Sharing

Copy URL Twitter E-mail

General

Target

1b549ddef027981322f9626d66410de9
Size

76KB
MD5

1b549ddef027981322f9626d66410de9
SHA1

5a3f5d7f8c5123bb761906175fcf2dc37f499326
SHA256

7b65fcb5756708fbf14b4a027e7a87a2fd6eb31446a549c5e9b39977b8935619
SHA512

f9a2939b8be2dde4702ff2c44e7da8b71d1f6038eb584895c4b670b6d835d81b72975adf4666bbb786c2df3133dc7cc30b20337d8ad4bc446885aa2ce101f20c
SSDEEP

1536:9Y6pMvwKmIf09fI0iYs9aNvPKOqB0OLPDE3mL97hA+IVC/ENn:9uP/89fI06QNvPKN43mLph4C/ENn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b549ddef027981322f9626d66410de9

Files

1b549ddef027981322f9626d66410de9
.exe windows:4 windows x86 arch:x86

9523219c3fc1f6391af1745cc55bea87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CommConfigDialogA
CompareFileTime
CreateToolhelp32Snapshot
EnumUILanguagesA
ExitProcess
FindNextFileW
FindNextVolumeW
GetCommModemStatus
GetCommandLineA
GetDiskFreeSpaceW
GetFileAttributesW
GetHandleInformation
GetModuleHandleA
GetModuleHandleW
GetStartupInfoA
GetSystemDirectoryW
GetTapeStatus
GetUserDefaultLangID
GetVersionExA
HeapAlloc
HeapCreate
LCMapStringW
OpenWaitableTimerA
SetDefaultCommConfigW
WritePrivateProfileStructA
lstrcpyA

user32

SendMessageA
ReleaseDC
RegisterClassA
MessageBoxA
LoadStringA
KillTimer
InvalidateRgn
SetWindowPos
GetSystemMetrics
GetMenuItemID
GetFocus
GetDlgItemTextA
GetClassLongA
FindWindowExA
FillRect
TrackPopupMenuEx
GetUpdateRgn
EnableMenuItem
DrawTextA
DeleteMenu
DefWindowProcA
CreateMenu
CreateDialogParamA
ClientToScreen
BeginDeferWindowPos
wsprintfA
ModifyMenuA

advapi32

EqualPrefixSid
CryptSetProvParam
CryptHashSessionKey
CryptAcquireContextA
CreateTraceInstanceId
ConvertToAutoInheritPrivateObjectSecurity
GetExplicitEntriesFromAclA
CloseServiceHandle
CloseEncryptedFileRaw
SetTokenInformation
RegSaveKeyA
RegRestoreKeyA
RegQueryMultipleValuesA
RegGetKeySecurity
QueryAllTracesW
OpenEventLogA
LsaSetSecret
LsaSetInformationTrustedDomain
LsaRemoveAccountRights
LsaOpenTrustedDomainByName
BuildSecurityDescriptorA
LsaEnumerateAccountsWithUserRight
LookupAccountNameW
GetTrusteeFormW
GetSecurityInfoExA
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
AccessCheckByTypeResultListAndAuditAlarmA
AreAllAccessesGranted

olepro32

OleCreatePropertyFrame
OleIconToCursor

oleacc

AccessibleChildren
CreateStdAccessibleObject
WindowFromAccessibleObject
GetStateTextA

oledlg

OleUIAddVerbMenuW
OleUIBusyA
OleUIChangeIconW
OleUIConvertA

Sections

.text
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9523219c3fc1f6391af1745cc55bea87

Headers

File Characteristics

Imports

kernel32

user32

advapi32

olepro32

oleacc

oledlg

Sections

.text Size: 47KB - Virtual size: 48KB

.data Size: 26KB - Virtual size: 28KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 47KB - Virtual size: 48KB

.data
Size: 26KB - Virtual size: 28KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB