1bea2e68eecba292ba18d6704942fc68

General

Target

1bea2e68eecba292ba18d6704942fc68
Size

110KB
MD5

1bea2e68eecba292ba18d6704942fc68
SHA1

5324cd18c013c2c8b1a26d82de30f7b305e93ed7
SHA256

1201bef1b0ad3bbb2ed2ef9e4835e81a15e0da505875794aa554343b4eb602ec
SHA512

c935b0a2bdb221c04465c7ad156aaca1a5f8b66472142bec4c5d6721ed90fba70874107f9d1c5f50702a465684e9251b47ff1be751c1c8e7fdd8e25b8c4d1b24
SSDEEP

1536:v5sB0brCWjGPxmgHJS7J9hIpxPvccRkhqp6jrlFyMIKsJsh:xs2vCWjGZpJS7VixjRWHyA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bea2e68eecba292ba18d6704942fc68

Files

1bea2e68eecba292ba18d6704942fc68
.exe windows:4 windows x86 arch:x86

cd45f1b40de0973909ab0fc48bdfcc47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetTempPathA
lstrcmpiA
lstrlenA
GetSystemDirectoryA
FindClose
FindFirstFileA
CloseHandle
GetFileSize
CreateFileA
CopyFileA
WriteFile
SetFileAttributesA
CreateDirectoryA
FindNextFileA
ReleaseMutex
WaitForSingleObject
DeleteFileA
lstrcmpA
WinExec
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
Sleep
ExitProcess
LoadLibraryA
FreeLibrary
LocalFree
MapViewOfFile
GetVersionExA
UnmapViewOfFile
ReadFile
GetShortPathNameA
lstrcpynA
GetSystemTime
VirtualFree
VirtualAlloc
FileTimeToSystemTime
GetTempFileNameA
SetFilePointer
SetEndOfFile
GetFileTime
SetFileTime
CreateThread
GetLastError
CreateMutexA
DeviceIoControl
HeapFree
HeapAlloc
GetProcessHeap
GetDriveTypeA
GetLogicalDrives
GetWindowsDirectoryA
GetVersion
GetLogicalDriveStringsA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
GetComputerNameA
ResumeThread
GetStdHandle
TerminateProcess
RtlUnwind
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr

user32

DefWindowProcA
SetTimer
ShowWindow
PostQuitMessage
EndDialog
KillTimer
CharLowerBuffA
wsprintfA
DialogBoxParamA

advapi32

RegSetValueExA
RegCreateKeyA
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

ole32

CoUninitialize
CoInitialize

ws2_32

WSACleanup
inet_addr
gethostbyname
WSAStartup

Sections

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd45f1b40de0973909ab0fc48bdfcc47

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

Sections

.data Size: 43KB - Virtual size: 43KB

.rsrc Size: 512B - Virtual size: 224B

.data
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 512B - Virtual size: 224B