1ca31f969e3a4a2e8f99d8c09cff9585

Sharing

Copy URL Twitter E-mail

General

Target

1ca31f969e3a4a2e8f99d8c09cff9585
Size

84KB
MD5

1ca31f969e3a4a2e8f99d8c09cff9585
SHA1

4506a23eabf6f62606d3e4e1fe452a478f6362c9
SHA256

2095c080e3430c5948c22b2e112f21b01bcb8feb05ae35fbd8b20e028b4aecbc
SHA512

2cb803be465d2b4ae176eafc03b2011576688ad56954cbe4cf219f68ab10dbc49da48575c071fc8f139d0dec42e3dd0eb965163a6edff5d2e74a42125990e9f8
SSDEEP

768:GwA5u9g+ZOXu8ikkCwmsIdwz/NKN1AMDE502yJjK+zC:I5u9hY0Ng1AwEbynC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ca31f969e3a4a2e8f99d8c09cff9585

Files

1ca31f969e3a4a2e8f99d8c09cff9585
.exe windows:4 windows x86 arch:x86

c90d75d0b63d46b4cb9aa91110a739f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegGetKeySecurity
RegLoadKeyA
RegReplaceKeyA
RegDeleteValueA
RegFlushKey
RegDeleteKeyW
RegEnumKeyA
RegQueryValueExW
RegReplaceKeyW
RegOpenKeyW
RegCreateKeyExA
RegOpenKeyExW
RegLoadKeyW
RegCreateKeyW
RegOpenKeyA
RegEnumKeyExW
RegQueryValueA
RegQueryValueExA
RegDeleteValueA
RegFlushKey
RegEnumKeyExA
RegQueryValueA
RegOpenKeyW
RegLoadKeyA
RegDeleteKeyW
RegEnumValueA
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExA
RegEnumKeyA
RegCreateKeyExA
RegLoadKeyW
RegOpenKeyA
RegDeleteKeyA
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumKeyExA
RegOpenKeyW
RegOpenKeyExA
RegEnumValueA
RegCreateKeyExA
RegCreateKeyExW
RegCreateKeyW
RegQueryValueA
RegEnumKeyA
RegOpenKeyExW
RegDeleteKeyW
RegLoadKeyA
RegOpenKeyA
RegQueryValueExW
RegQueryValueW
RegQueryInfoKeyA
RegLoadKeyW

user32

CopyRect
CopyIcon
EndDialog
DialogBoxParamW
CopyImage
GetCursor
GetWindowTextA
CalcMenuBar
BlockInput
DrawTextA
LoadCursorA
IsWindow
AlignRects
CloseWindow
GetDC
CopyRect
GetWindowTextLengthA
DrawIcon
AppendMenuW
BlockInput
EndDialog
LoadMenuA
IsWindow
DrawIconEx
GetCursor
DialogBoxParamA
CalcMenuBar
IsMenu
CalcMenuBar
AppendMenuW
DialogBoxParamW
DrawTextA
CopyIcon
DialogBoxParamA
IsWindow
CreateIcon
GetMenu
LoadMenuA
GetDlgItem
CopyImage
CopyRect
AppendMenuA
GetDC
LoadCursorA
DrawIcon

kernel32

CopyFileExA
GetConsoleMode
OpenFile
GlobalFree
CopyFileExW
CopyFileW
GetLastError
ReadFile
OpenFileMappingA
FindAtomA
CreateThread
DeleteFileW
GetFileSize
Sleep
DeleteAtom
ExitThread
ReadConsoleA
FindFirstFileA
WriteFile

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dkdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c90d75d0b63d46b4cb9aa91110a739f4

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 4KB - Virtual size: 2KB

.dkdata Size: 52KB - Virtual size: 48KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 7KB

.idata Size: 8KB - Virtual size: 4KB

.edata Size: 4KB - Virtual size: 25KB

.text
Size: 4KB - Virtual size: 2KB

.dkdata
Size: 52KB - Virtual size: 48KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 7KB

.idata
Size: 8KB - Virtual size: 4KB

.edata
Size: 4KB - Virtual size: 25KB