1ca126fdc46ce6da2a63a8d9a464a8c4

General

Target

1ca126fdc46ce6da2a63a8d9a464a8c4
Size

60KB
MD5

1ca126fdc46ce6da2a63a8d9a464a8c4
SHA1

86d9b77f9687b8f7cfe616c271591ed19ad5fb6f
SHA256

c5988c0748cdca330c027678c7e43ea5a9b0ce5dc6e90ca6f57f985a58cc865d
SHA512

dd2d53a12e0b9b647c19047b81512688eac7c4f796370c9762c4443c63c3fce92fba0df31d66d78f43a822dfa9afefa537f6d99db7d170e82aeee8fafe812f1a
SSDEEP

1536:fodQw/eMsDFtmwnX5XxY4nDTAje0nH87HXaTo:gdQMOFswXNRgyRLXk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ca126fdc46ce6da2a63a8d9a464a8c4

Files

1ca126fdc46ce6da2a63a8d9a464a8c4
.exe windows:4 windows x86 arch:x86

62e93dc60d1ad67fd99c86c11dbb8c7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
SetThreadPriority
SuspendThread
GetUserDefaultLangID
GetCurrentProcessId
LoadLibraryA
FindClose
GetProcAddress
GetCurrentThread
GetCurrentThreadId
VirtualAlloc
CreateThread
LockResource
GetModuleFileNameW
FreeLibrary
InterlockedIncrement
ResumeThread
ReadFile
VirtualFree
lstrlenW
CloseHandle
CreateFileW
MultiByteToWideChar
SizeofResource
SetLastError
GetLastError
TerminateThread
CancelWaitableTimer
GetCurrentProcess
GlobalAlloc
SetEvent

user32

SetCursorPos
SetLayeredWindowAttributes
SetForegroundWindow
GetParent
SendMessageW
PostQuitMessage
GetWindowThreadProcessId
GetWindowDC
UpdateWindow
WindowFromPoint
ReleaseCapture
GetMessageW
wsprintfW
MessageBoxW
EnableWindow
SetWindowTextW
SetCursor
TranslateMessage
DestroyMenu
LoadBitmapW
AppendMenuW
InvalidateRect
PostMessageW

gdi32

CreateICW
SetDIBits
GetClipBox
DPtoLP
CreateBitmap
SetMapMode
SetBkMode
SetBkColor

advapi32

RegDeleteValueW
RegCreateKeyExW
LookupPrivilegeValueW
RegOpenKeyExW
SetSecurityDescriptorDacl

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

62e93dc60d1ad67fd99c86c11dbb8c7d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB