1caaab9be8caf26fcc1e460825af2af6

Sharing

Copy URL Twitter E-mail

General

Target

1caaab9be8caf26fcc1e460825af2af6
Size

430KB
MD5

1caaab9be8caf26fcc1e460825af2af6
SHA1

33965646ba14783633e4a07861476037583ca199
SHA256

fe862c5426d6d2721d36b7cc48457c97b1d6ef5d3745972e38f17c5dbb3590e3
SHA512

46af991162dd453efff94f291446a20cf2dc8c8c25950d9d69b485d794e59fd47a9035018deb13b97d2e5af57c090863a55c86f8777b36276b1294d09d14cbeb
SSDEEP

12288:P6gK7a2m/tP7q1QlhgSIJ/AZJ4x3kvAjbB8W321t:PvK7nCt4QngPJ4Q5u6G1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1caaab9be8caf26fcc1e460825af2af6

Files

1caaab9be8caf26fcc1e460825af2af6
.exe windows:4 windows x86 arch:x86

50a34dfda2bb315fe5953dedebf0dd1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
FreeEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
GetSystemDirectoryA
SetEnvironmentVariableA
GetTimeZoneInformation
TlsFree
GetCurrentThread
GetVersionExA
GetDateFormatA
InterlockedExchange
DeleteFileA
TlsSetValue
GetEnvironmentStringsW
GetLocaleInfoW
SetUnhandledExceptionFilter
GetModuleHandleA
GetACP
UnhandledExceptionFilter
IsValidCodePage
GetStartupInfoA
SetLastError
GetStringTypeW
GetCommandLineA
HeapCreate
GetEnvironmentStrings
TlsAlloc
GetFileType
VirtualFree
InitializeCriticalSection
SuspendThread
CreateEventW
GetLastError
lstrcatW
IsValidLocale
GetFileAttributesW
SetCurrentDirectoryW
CompareStringW
GetExitCodeThread
GetProcessHeap
Sleep
FreeLibrary
ExitProcess
ExitThread
RtlUnwind
CreateFileW
SetWaitableTimer
GetTimeFormatA
MoveFileExW
GetOEMCP
GetStringTypeA
InterlockedIncrement
VirtualAlloc
EnumSystemLocalesA
CompareStringA
TerminateProcess
SetConsoleCtrlHandler
GetPrivateProfileIntW
GetCurrentProcess
GetSystemTimeAsFileTime
ConvertDefaultLocale
GetPrivateProfileStructA
FreeEnvironmentStringsA
DeleteCriticalSection
HeapFree
HeapDestroy
HeapSize
WideCharToMultiByte
GetLocaleInfoA
GetStdHandle
GetProcAddress
WriteFile
VirtualQuery
InterlockedDecrement
HeapReAlloc
GetUserDefaultLCID
HeapAlloc
LoadLibraryA
GetCurrentProcessId
GetModuleFileNameA
TlsGetValue
CreateRemoteThread
EnterCriticalSection
GetTickCount
GetEnvironmentStringsA
LeaveCriticalSection
GetCPInfo
GetFullPathNameW
SetHandleCount
MapViewOfFileEx
GetCurrentThreadId
MultiByteToWideChar
GetTempPathA
LCMapStringA
RtlZeroMemory

gdi32

CreateFontA
PolyTextOutA
CancelDC
PlayMetaFileRecord
MaskBlt
PtVisible
GetRgnBox
SetDeviceGammaRamp
CreateICA
DeleteMetaFile
PolyBezier
GetDeviceGammaRamp
SetICMProfileW
CreateSolidBrush
SetMetaFileBitsEx

comdlg32

ChooseFontA
ReplaceTextA
ChooseFontW

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50a34dfda2bb315fe5953dedebf0dd1a

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 133KB - Virtual size: 132KB

.rdata Size: 8KB - Virtual size: 25KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 133KB - Virtual size: 132KB

.rdata
Size: 8KB - Virtual size: 25KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 9KB - Virtual size: 8KB