1b6a35a12bf5e90b3960f7d9e558db3e

Sharing

Copy URL

Twitter E-mail

General

Target

1b6a35a12bf5e90b3960f7d9e558db3e
Size

414KB
MD5

1b6a35a12bf5e90b3960f7d9e558db3e
SHA1

1746fb9e0489bebc169ce097fe1873c921b933df
SHA256

291c823f1c466c7f60726e13fad4ab5328b3ad8a4f3bddfbd91a44f15c0b8f7e
SHA512

14bd0fee3d2de21c1fefe0b397b2ac854c963d364ca90e873c3a9e87ad809682926ea36bf69fd5c18f70d0c219e0fe7ef25f1f14786f03ee199f4c8d820e79b1
SSDEEP

6144:eWi3fWuQ3YpYCgjdpEv9kLx3GZFX4f8UiNeNs0Q+8LbmJ+LfOVgMAKp9LxASEeb4:ed+Vz2kN2Fo3DQ+aK+AgBKjwC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b6a35a12bf5e90b3960f7d9e558db3e

Files

1b6a35a12bf5e90b3960f7d9e558db3e
.exe windows:4 windows x86 arch:x86

7e6482f944fe801b1ec18a2a05fe9d1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
HeapDestroy
InitializeCriticalSectionAndSpinCount
SetLastError
GetProcAddress
InterlockedDecrement
HeapReAlloc
Sleep
CompareStringA
GetStartupInfoA
GetCurrentProcessId
TlsFree
FindFirstFileA
GetCurrentThread
TlsGetValue
WriteFile
InterlockedIncrement
GetFileAttributesA
TlsSetValue
LeaveCriticalSection
GetFileType
VirtualFree
DeleteCriticalSection
GetTimeFormatA
IsValidCodePage
SetCriticalSectionSpinCount
GetModuleHandleW
FoldStringA
WriteProfileStringW
ExitProcess
GetTickCount
GetSystemDirectoryW
TlsAlloc
HeapFree
FreeLibrary
GetModuleFileNameA
GetStringTypeA
LoadLibraryA
QueryPerformanceCounter
FreeEnvironmentStringsW
VirtualAlloc
EnumResourceTypesA
CompareStringW
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetACP
GetDateFormatA
GetLocaleInfoW
SetConsoleCtrlHandler
UnhandledExceptionFilter
HeapSize
EnterCriticalSection
GetSystemTimeAsFileTime
GetCPInfo
OpenEventW
GetConsoleTitleW
GetCommandLineW
GetEnvironmentStringsW
SetThreadContext
SetHandleCount
LCMapStringA
GetStringTypeW
LocalReAlloc
GetLocaleInfoA
SetEnvironmentVariableA
IsValidLocale
HeapCreate
SetUnhandledExceptionFilter
GetModuleFileNameW
GetLastError
InterlockedExchange
GetStartupInfoW
GetOEMCP
EnumSystemLocalesA
LCMapStringW
WriteConsoleA
CopyFileExA
IsDebuggerPresent
GetUserDefaultLCID
HeapAlloc
MultiByteToWideChar
GetProfileStringA
UnmapViewOfFile
GetTimeZoneInformation
VirtualQuery
GetModuleHandleA

shell32

ExtractIconEx
SHGetDataFromIDListW
SHInvokePrinterCommandA
SHGetSpecialFolderLocation
FreeIconList
DragQueryPoint
SHGetDiskFreeSpaceA
ShellExecuteExA
ShellHookProc

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e6482f944fe801b1ec18a2a05fe9d1a

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 127KB - Virtual size: 127KB

.data Size: 274KB - Virtual size: 274KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 127KB - Virtual size: 127KB

.data
Size: 274KB - Virtual size: 274KB

.rsrc
Size: 11KB - Virtual size: 10KB