1cd97337e861e13586ad6336f143ca1c

General

Target

1cd97337e861e13586ad6336f143ca1c
Size

68KB
MD5

1cd97337e861e13586ad6336f143ca1c
SHA1

e949549d7ea1a0f210acfa058631b1f9e673dea4
SHA256

e65c6438af13fa97ead0e051df729aab6b655f9840b70e991e3489d5321ac3ff
SHA512

c97f1455ee3e5fac3c6bb73f62a33a5c8b1b013c87156fc39493a2b16affb3b0f346b0a7b056a6ac070f83e28fc46a76beb2144e9bcc6ec4ebdba45e10dfc636
SSDEEP

1536:bYl7O6yPea/LdP/H6a5NzfWgn5mNeJHXl1uEKkQN4qPM81:bYl7O6yPPLBRNzxMYJHqQQN4qF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1cd97337e861e13586ad6336f143ca1c

Files

1cd97337e861e13586ad6336f143ca1c
.exe windows:4 windows x86 arch:x86

2854f6abb8a92f174828330533df0490

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
inet_addr
gethostbyaddr

kernel32

GetStdHandle
VirtualProtect
GetLocaleInfoA
GetStringTypeW
Sleep
MultiByteToWideChar
GetProcAddress
GetModuleHandleW
CreateProcessW
CreateMutexW
LoadResource
FindResourceW
GetModuleFileNameW
RtlUnwind
RaiseException
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
WriteFile
GetSystemInfo
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeA

Sections

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2854f6abb8a92f174828330533df0490

Headers

File Characteristics

Imports

ws2_32

kernel32

Sections

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 32KB - Virtual size: 29KB

.rsrc Size: 24KB - Virtual size: 22KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 32KB - Virtual size: 29KB

.rsrc
Size: 24KB - Virtual size: 22KB