1b9db68b6f2fa90ed283c4e864bcac35

General

Target

1b9db68b6f2fa90ed283c4e864bcac35
Size

60KB
MD5

1b9db68b6f2fa90ed283c4e864bcac35
SHA1

67fe00676beb45634b7ce295093ec632d59e5c69
SHA256

e05d0bfb567e2d76d90ec29255255c2e72e64bba77894f7ff359fb848540fb9d
SHA512

02643223cf4c31aae30904ec1e9a2d9f67443a6b89bee22261431b091a125d518a1eea4cff9f40c442e46a3ec42a3c952590afb75d3cd29fa78b480d46bad472
SSDEEP

1536:MdCLfUD+8ea1eALC2Rwfma5MpFPPLjGqB0C:PcZeAVkJ6LjGqSC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b9db68b6f2fa90ed283c4e864bcac35

Files

1b9db68b6f2fa90ed283c4e864bcac35
.exe windows:4 windows x86 arch:x86

887fb85fa9f00291ac69ac792310ec7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
WaitForMultipleObjects
GlobalAddAtomW
TerminateThread
SetWaitableTimer
SetEvent
CloseHandle
DeleteFileW
GetFileAttributesW
GlobalUnlock
FindNextChangeNotification
WaitForSingleObject
InterlockedDecrement
GetModuleHandleW
GetFileAttributesExW
InterlockedIncrement
LoadLibraryA
GetModuleFileNameW
MulDiv
MultiByteToWideChar
QueryDosDeviceW
CreateFileW
lstrcpyW
CancelWaitableTimer
FileTimeToSystemTime
GetLogicalDrives
GetProcAddress
FindFirstFileW
CreateProcessW

user32

DestroyMenu
CreatePopupMenu
IsDlgButtonChecked
GetWindowRect
ReleaseDC
DialogBoxParamW
LoadCursorW
GetKeyState
TrackPopupMenu
GetDlgItem
RegisterHotKey
wsprintfW
GetWindowTextW
SendDlgItemMessageW
SetCursor
GetSystemMetrics
VkKeyScanW
SystemParametersInfoW
PostQuitMessage
EndDialog
OffsetRect
GetWindowDC

gdi32

SelectObject
DPtoLP
BitBlt
DeleteDC
CreateSolidBrush
DeleteObject
GetStockObject
CreateRoundRectRgn
GetClipBox
SetBkColor
CreateDCW

advapi32

RegDeleteValueW
LookupPrivilegeValueW
RegSetValueExW
RegNotifyChangeKeyValue
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

887fb85fa9f00291ac69ac792310ec7f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB