1c6812d3c43696add76341ca2826dabf

General

Target

1c6812d3c43696add76341ca2826dabf
Size

160KB
MD5

1c6812d3c43696add76341ca2826dabf
SHA1

83778f3d043dfc4672af4bb60d6c76be3c7fd00d
SHA256

609307a7472c9e9cb447caeeb086f0403f7a258a8fd1234def381c0522c8a5e8
SHA512

a31723c3a2f4d25ac76dbfe04dabd216717b20bd186f56004d7473f7c8a7f3000fad0a2b001808a30483c15af713a2eced51dc223f4128bf4dac451d78df49cd
SSDEEP

3072:UHl/MzZtze+LHTgbaezON4VHneMhteQgNjXnV1QddGsYW36neYwKoJ:oWZtz/LHKNGgeMDe57TQTGsnK70

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c6812d3c43696add76341ca2826dabf

Files

1c6812d3c43696add76341ca2826dabf
.exe windows:5 windows x86 arch:x86

0fa90fe9f28b276495597c3e5fb156dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
__set_app_type
time
_wtoi
__getmainargs
isdigit
iswspace
_onexit
memmove
exit
_XcptFilter

user32

GetSubMenu
GetForegroundWindow
GetWindow
EnableMenuItem
IsDialogMessageA
GetFocus
RegisterClassA
OffsetRect
MapWindowPoints
PeekMessageA
GetParent
GetClientRect
PeekMessageW
RedrawWindow
SetCapture
PostMessageW
FindWindowW
DialogBoxParamA
TrackPopupMenu
GetWindowRect
CopyRect
SetScrollInfo
GetActiveWindow
SetWindowTextA
CallWindowProcA
GetClassNameA
GetPropA
GetMenuItemID
IsWindow
DefWindowProcA

kernel32

HeapDestroy
GlobalReAlloc
GetEnvironmentVariableA
CreateMutexW
GetStartupInfoW
GetOEMCP
EnterCriticalSection
GetConsoleMode
GetCurrentDirectoryA
IsBadReadPtr
LockResource
GetDriveTypeA
GetDateFormatA
FindResourceA
GetWindowsDirectoryW
ExitProcess
GetCurrentThreadId
ReleaseMutex
LoadLibraryA
GetSystemDefaultLCID
LocalAlloc
GetLastError
VirtualAlloc
GetThreadLocale
GlobalFree
CreateEventA

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data/0x
Size: 63KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fa90fe9f28b276495597c3e5fb156dc

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

kernel32

Sections

.text Size: 66KB - Virtual size: 66KB

.rdata Size: 512B - Virtual size: 512B

.data/0x Size: 63KB - Virtual size: 297KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 66KB - Virtual size: 66KB

.rdata
Size: 512B - Virtual size: 512B

.data/0x
Size: 63KB - Virtual size: 297KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 1024B - Virtual size: 1024B