1bf5d98009793ec64d8a33d619775026

Sharing

Copy URL Twitter E-mail

General

Target

1bf5d98009793ec64d8a33d619775026
Size

413KB
MD5

1bf5d98009793ec64d8a33d619775026
SHA1

9e4e007f1a3e0913fc2b4a4260c762eca292e61b
SHA256

0f1641095f02c3f874e047ae45e9e4fe523ca9b591f92359737e05203b300c4a
SHA512

b5181ab6586f29de64ae643dfb5295b0d967f0393c30e92b7e6d0f6af97e76b94a4397066d7201c6a2f76488841dd608444d754486ba4db33c696d078e30f78e
SSDEEP

12288:Yv5cQx4eLEL6ivArssNNb3/7zBv6wrrkJ/ZsBID9J9sSsK0Dod4:Yv5tx49xmNt/S6wCSDd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bf5d98009793ec64d8a33d619775026

Files

1bf5d98009793ec64d8a33d619775026
.exe windows:4 windows x86 arch:x86

8192c396d23f18bf3b53e2b45d4c9bd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetScrollPos
DialogBoxIndirectParamW
IsIconic
DlgDirSelectComboBoxExW
UnloadKeyboardLayout
GetInputState
OemToCharBuffW
GetWindowContextHelpId

kernel32

WideCharToMultiByte
GetCurrentThread
GetTickCount
UnlockFile
WriteFile
SetHandleCount
LoadLibraryW
TlsSetValue
LeaveCriticalSection
GetCommandLineA
DeleteCriticalSection
SetPriorityClass
CreateDirectoryExW
GetEnvironmentStrings
GetVersion
EnumCalendarInfoExA
HeapReAlloc
GetStringTypeW
HeapCreate
GetLastError
VirtualQuery
SetLastError
VirtualFree
GetCurrentProcess
GetEnvironmentStringsW
TerminateProcess
TlsGetValue
LCMapStringA
FreeEnvironmentStringsA
TlsAlloc
GetCPInfo
FindAtomW
GetFileType
HeapDestroy
GetACP
GetSystemTimeAsFileTime
HeapFree
GetModuleHandleA
MultiByteToWideChar
HeapAlloc
GetStdHandle
FlushViewOfFile
LCMapStringW
IsBadWritePtr
EnterCriticalSection
GetStartupInfoA
FreeEnvironmentStringsW
TlsFree
GetCurrentProcessId
GetCurrentThreadId
LoadLibraryA
GetOEMCP
InterlockedExchange
UnhandledExceptionFilter
GetProcAddress
RtlUnwind
QueryPerformanceCounter
InitializeCriticalSection
ExitProcess
GetModuleFileNameA
GetStringTypeA
VirtualAlloc

comdlg32

ChooseColorA
GetFileTitleA
GetSaveFileNameA

wininet

FindNextUrlCacheEntryA
InternetTimeFromSystemTimeA
InternetSetCookieW
FreeUrlCacheSpaceW
InternetSecurityProtocolToStringW
HttpOpenRequestW
InternetGetLastResponseInfoW

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8192c396d23f18bf3b53e2b45d4c9bd6

Headers

File Characteristics

Imports

user32

kernel32

comdlg32

wininet

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 3KB - Virtual size: 14KB

.data Size: 277KB - Virtual size: 276KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 3KB - Virtual size: 14KB

.data
Size: 277KB - Virtual size: 276KB

.rsrc
Size: 10KB - Virtual size: 10KB