1ce9b63682ecac14db7bc9ea14f5fbd9

Sharing

Copy URL Twitter E-mail

General

Target

1ce9b63682ecac14db7bc9ea14f5fbd9
Size

506KB
MD5

1ce9b63682ecac14db7bc9ea14f5fbd9
SHA1

4e34ae23a6c0bafd6ea9e3710ecbf9ac39c86abf
SHA256

20cbed1591d9ea684728a13092afd1c76266afe20bc1eeb7963afc587e3938e3
SHA512

6e906852b3cc7726189021e9c09f69e454838feb2104221ce00134c7cbbd668d4fe5fe132e3b9ec8eff032f94bba3bb7642e946606a842538196efb7590e737b
SSDEEP

12288:Cf4BEKlvbxCVhSB9D62miwDkluA3BERfm6QP2Y+FrADslY8LPXSWPa:Cf4mK5IeEViMkAA3BERpU12rAwNbW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ce9b63682ecac14db7bc9ea14f5fbd9

Files

1ce9b63682ecac14db7bc9ea14f5fbd9
.exe windows:4 windows x86 arch:x86

bbb19286e7f10184c5f54ff1ab162737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

RemoveFontResourceA
EndPage
EnableEUDC
GetRasterizerCaps
CreatePenIndirect
SetICMProfileA
GetDeviceCaps
PatBlt
CreateDCW
CreateCompatibleBitmap
GetGlyphOutlineW
DeleteDC

comctl32

ImageList_GetBkColor
ImageList_Merge
MakeDragList
InitCommonControlsEx
GetEffectiveClientRect

kernel32

InterlockedExchange
UnhandledExceptionFilter
CreateMutexA
HeapAlloc
GetCommandLineW
CreateDirectoryExW
GetCurrentThreadId
GetLongPathNameW
WriteProfileSectionA
FreeEnvironmentStringsA
CloseHandle
RtlUnwind
WriteFile
IsValidLocale
InitializeCriticalSection
HeapCreate
TlsAlloc
HeapSize
VirtualFree
TerminateProcess
GetModuleFileNameW
CreateMutexW
HeapDestroy
WideCharToMultiByte
GetStartupInfoW
GetTimeZoneInformation
LeaveCriticalSection
DeleteCriticalSection
LoadLibraryA
GetLocaleInfoW
SetLastError
GetTickCount
SetEnvironmentVariableA
CreateToolhelp32Snapshot
GetLastError
GetCurrentProcess
SetFilePointer
GetTimeFormatA
GetStartupInfoA
GlobalSize
GetEnvironmentStrings
GetProcAddress
GetSystemTimeAsFileTime
EnterCriticalSection
TlsSetValue
TlsGetValue
GlobalReAlloc
GetACP
TlsFree
IsBadWritePtr
WritePrivateProfileStructA
LCMapStringA
ReadConsoleOutputCharacterA
OpenMutexA
GetUserDefaultLCID
OutputDebugStringA
IsValidCodePage
GetCommandLineA
VirtualQuery
GetShortPathNameA
GetCurrentThread
GetStdHandle
HeapReAlloc
VirtualAlloc
EnumDateFormatsExW
GetModuleFileNameA
GetVersionExA
EnumSystemLocalesA
MultiByteToWideChar
ReadConsoleOutputAttribute
GetCPInfo
LCMapStringW
HeapFree
GetLocaleInfoA
FreeEnvironmentStringsW
GetCurrentProcessId
GetEnvironmentStringsW
GetStringTypeW
SetHandleCount
CompareStringW
ReadFile
CompareStringA
GetModuleHandleA
GetStringTypeA
GetFileType
GetSystemInfo
GetDateFormatA
VirtualProtect
SetStdHandle
GetOEMCP
FlushFileBuffers
ExitProcess
QueryPerformanceCounter
GetFileAttributesExA

user32

SetUserObjectSecurity
CreateWindowExA
DlgDirSelectExA
OpenClipboard
GetTopWindow
IsCharLowerW
CallMsgFilterW
GetNextDlgGroupItem
GetInputState
DrawFocusRect
LoadStringA
CreateWindowStationW
EndTask
SetShellWindow
MessageBoxW
WindowFromDC
ShowWindow
GetComboBoxInfo
RegisterClassA
GetUserObjectInformationA
RegisterClassExA
SetTimer
TranslateMessage
RemoveMenu
DefMDIChildProcW

Sections

.text
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbb19286e7f10184c5f54ff1ab162737

Headers

File Characteristics

Imports

gdi32

comctl32

kernel32

user32

Sections

.text Size: 337KB - Virtual size: 337KB

.rdata Size: 44KB - Virtual size: 60KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 337KB - Virtual size: 337KB

.rdata
Size: 44KB - Virtual size: 60KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 20KB - Virtual size: 19KB