1cc2c4860e38f7e0063a1539088c898e

Sharing

Copy URL

Twitter E-mail

General

Target

1cc2c4860e38f7e0063a1539088c898e
Size

46KB
MD5

1cc2c4860e38f7e0063a1539088c898e
SHA1

8845ddbaccf1759f3d487533da42fceb45922a32
SHA256

8f2071eb15e377d5e02b7c6294f9023bb21914ceb1e08e3d0814c6432180790c
SHA512

c915e3950e1de396378dc4130277b4dca6197063e12ce51c6f03a1dca0a2c32d4fa44f2fbcb73359af6e4c6939670d8341f2708269bb92a881976a615832dfa9
SSDEEP

768:oxnpzJh1Fyiq1ZWXzmzrro0C2oadVbsBI8wENoCZrf3B5dx:oxpz/1FyRqWrr7CZStsOEHZrvB5dx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1cc2c4860e38f7e0063a1539088c898e

Files

1cc2c4860e38f7e0063a1539088c898e
.exe windows:5 windows x86 arch:x86

e4bec67c4d62b416c5f01d767b378fb4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsnmp32

SnmpEncodeMsg
SnmpSetRetransmitMode
SnmpStrToOid
SnmpRegister
SnmpStartup
SnmpGetTimeout
_SnmpSetAgentAddress@4
SnmpFreeVbl
SnmpDuplicateVbl
SnmpSetRetry
SnmpRecvMsg
SnmpFreeContext
SnmpEntityToStr

olecli32

ErrQueryOutOfDate
GenDraw
PbDraw
GenChangeData
OleQueryBounds
DibChangeData
GenSaveToStream
DibEqual
LeChangeData
OleRevokeClientDoc
OleQueryCreateFromClip
ErrReconnect
LeUpdate
MfQueryBounds
OleRelease
PbLoadFromStream
OleExecute
ErrActivate
GetTaskVisibleWindow
LeCopyFromLink

ole32

ComPs_NdrDllGetClassObject
OleGetIconOfFile
IsValidPtrOut
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserMarshal
CoLockObjectExternal
HENHMETAFILE_UserUnmarshal
CreateOleAdviseHolder
CoGetInterceptorFromTypeInfo
CoGetComCatalog
ReadOleStg
ReadClassStg
DcomChannelSetHResult
CoFileTimeNow
HBITMAP_UserSize
OleInitialize
GetClassFile
WdtpInterfacePointer_UserUnmarshal
MonikerCommonPrefixWith
CoRevokeMallocSpy
CoDeactivateObject
ComPs_NdrDllUnregisterProxy

hid

HidP_GetScaledUsageValue
HidD_FlushQueue
HidD_GetConfiguration
HidP_GetExtendedAttributes
HidD_GetInputReport
HidD_GetManufacturerString
HidP_GetLinkCollectionNodes
HidP_GetUsageValue
HidP_TranslateUsagesToI8042ScanCodes
HidP_SetUsageValue
HidD_GetNumInputBuffers
HidP_UsageListDifference
HidP_InitializeReportForID
HidP_GetCaps
HidD_FreePreparsedData
HidP_GetButtonCaps
HidP_GetUsages
HidD_SetOutputReport
HidD_GetFeature
HidP_GetUsageValueArray
HidD_Hello

msdart

MpHeapAlloc
?GetDefaultSpinAdjustmentFactor@CReaderWriterLock@@SGNXZ
?_ReadLockSpin@CReaderWriterLock3@@AAEXW4SPIN_TYPE@1@@Z
?GetDefaultSpinCount@CReaderWriterLock3@@SGGXZ
?ReadLock@CSpinLock@@QAEXXZ
mpFree
?GetStatistics@CLKRLinearHashTable@@QBE?AVCLKRHashTableStats@@XZ
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
?sm_wDefaultSpinCount@CReaderWriterLock3@@1GA
?ConvertSharedToExclusive@CCritSec@@QAEXXZ
?sm_dblDfltSpinAdjFctr@CSmallSpinLock@@1NA
?SetDefaultSpinAdjustmentFactor@CSmallSpinLock@@SGXN@Z
?SetSpinCount@CReaderWriterLock2@@QAE_NG@Z
?ReadOrWriteLock@CSpinLock@@QAE_NXZ
?SetSpinCount@CReaderWriterLock3@@QAE_NG@Z
?_DeleteKey@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@KK@Z
?_ExtractKey@CLKRHashTable@@ABE?BKPBX@Z
?_InsertThisIntoGlobalList@CLKRLinearHashTable@@AAEXXZ
?ConvertExclusiveToShared@CSpinLock@@QAEXXZ
MpHeapCreate
?_TryWriteLock@CReaderWriterLock2@@AAE_NJ@Z
MPDeleteCriticalSection
??1CLKRHashTable@@QAE@XZ

kernel32

QueryPerformanceCounter
GetConsoleProcessList
SizeofResource
PeekNamedPipe
GetACP
SetupComm
GetModuleHandleW
GetCurrentThread
GetBinaryTypeA
GetLocaleInfoA
FatalExit
LoadLibraryW
RemoveDirectoryA
SetLocaleInfoW

wldap32

ldap_parse_vlv_controlA
ldap_start_tls_sA
ldap_delete_ext_sA
ldap_open
ldap_controls_free
ldap_value_freeA
ldap_first_attributeA
ldap_initA
ldap_get_next_page

msasn1

ASN1BEREncObjectIdentifier
ASN1ztcharstring_cmp
ASN1CEREncChar16String
ASN1intx_add
ASN1BERDecGeneralizedTime
ASN1_FreeDecoded
ASN1utf8string_free
ASN1BERDecS32Val
ASN1utctime_cmp
ASN1BERDecSkip
ASN1BEREncEndOfContents
ASN1Free
ASN1BERDecSXVal
ASN1EncSetError
ASN1_CreateDecoder
ASN1BERDecEndOfContents
ASN1BERDecOctetString2
ASN1BERDecOpenType2
ASN1BEREncMultibyteString
ASN1generalizedtime_cmp
ASN1uint32_uoctets
ASN1intx2uint32
ASN1objectidentifier_free
ASN1BERDecEoid
ASN1CEREncFlushBlkElement
ASN1BERDecOctetString
ASN1DecRealloc

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 322B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4bec67c4d62b416c5f01d767b378fb4

Headers

DLL Characteristics

File Characteristics

Imports

wsnmp32

olecli32

ole32

hid

msdart

kernel32

wldap32

msasn1

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 322B

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 322B

.rsrc
Size: 5KB - Virtual size: 4KB