1bab2de1e09d9e1a535ac3a2a18c0c89

Sharing

Copy URL Twitter E-mail

General

Target

1bab2de1e09d9e1a535ac3a2a18c0c89
Size

339KB
MD5

1bab2de1e09d9e1a535ac3a2a18c0c89
SHA1

5b0299c67e095855c82107124d44d2aafbd39ccd
SHA256

035c35aaba830dc2eea2974294cf2a52389af00c2db65b61ac27bf2a806facd6
SHA512

8e147fc2ccaaf80812600dcd96a9c4d33281534f2f2fea26cb59c7c62a4d09f3d0699d3094c0ccb24c38217d573735d7aedcfc7090816d1b72c09468f0eaf6f7
SSDEEP

6144:2phRnw5iqlRRGsEyEmwQUueCzNsdNR4XQe5/Ip5cw:cjnwLRdEyEmwmd2dNHeZIp5c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bab2de1e09d9e1a535ac3a2a18c0c89

Files

1bab2de1e09d9e1a535ac3a2a18c0c89
.exe windows:5 windows x86 arch:x86

b984b3bf1b7ccdfb92aaea6496df62d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
DeleteDC
StretchBlt
SelectObject
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
GetDeviceCaps
GetObjectA
TranslateCharsetInfo
BitBlt
CreateDIBitmap
RealizePalette
SelectPalette
CreatePalette
GetSystemPaletteEntries
GetStockObject
CreateFontA
CreateSolidBrush
CreateFontIndirectA
SetTextColor
SetBkMode
GetTextExtentPoint32A

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

SetEnvironmentVariableA
CompareStringW
CloseHandle
GetTempPathA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
MulDiv
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
LocalAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
WriteConsoleA
CreateFileA
GetCurrentDirectoryW
GetLastError
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage
CompareStringA
GetProcessHeap
GetModuleHandleA
FindResourceA
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetFileType
GetStdHandle
VirtualQuery
VirtualProtect
SearchPathA
GetShortPathNameA
SetEvent
ResetEvent
QueryPerformanceCounter
SystemTimeToFileTime
GetStartupInfoA
GetCommandLineA
HeapSize
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
SetLastError
GetSystemInfo
WaitForSingleObject
SetCurrentDirectoryA
VerLanguageNameA
GlobalHandle
WideCharToMultiByte
GetTimeFormatA
GetDateFormatA
GetVersionExA
SetHandleCount
Sleep
GetProcAddress
InterlockedIncrement
InterlockedDecrement
GetTimeZoneInformation
GetCPInfo
HeapCreate
SetStdHandle
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
MultiByteToWideChar
GetLocaleInfoA
LoadLibraryA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b984b3bf1b7ccdfb92aaea6496df62d7

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

version

kernel32

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 216KB - Virtual size: 215KB

.data Size: 5KB - Virtual size: 116KB

.rsrc Size: 17KB - Virtual size: 21KB

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 216KB - Virtual size: 215KB

.data
Size: 5KB - Virtual size: 116KB

.rsrc
Size: 17KB - Virtual size: 21KB