1c80d61b80e2d53b830746ac476dd0d1

General

Target

1c80d61b80e2d53b830746ac476dd0d1
Size

270KB
MD5

1c80d61b80e2d53b830746ac476dd0d1
SHA1

3c254635e12a10438dc156461fba7db94acc6847
SHA256

e65ec42b08905dc3d4799742f8dc2a6699f0c483643c0ad714183e34d8c3d00d
SHA512

4d63bff509ffa45d828b95ac225940cc42a232309b2651c0bd5722e0c3de05337e3e73f6ccbec8cad56f943c0e576f7fcdeed1b03a94eb124f54c4742ca53820
SSDEEP

6144:9Q3pnVV8A85nSfKipSV1LCY+ZD/tAXPbOGEGGkLyes:9spnVL85S3i5cD4PKGEG7yes

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c80d61b80e2d53b830746ac476dd0d1

Files

1c80d61b80e2d53b830746ac476dd0d1
.exe windows:4 windows x86 arch:x86

41fc393d494d1b95f0ecac98714edbff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
FreeEnvironmentStringsA
GetStartupInfoA
AddAtomA
SetLastError
SetHandleCount
GetCurrentProcessId
GetOEMCP
UnhandledExceptionFilter
IsBadWritePtr
InterlockedExchange
VirtualFree
HeapCreate
GetSystemTimeAsFileTime
HeapDestroy
SetEndOfFile
FreeEnvironmentStringsW
GetStdHandle
TlsSetValue
EnumResourceLanguagesA
GetSystemInfo
GetEnvironmentStrings
QueryPerformanceCounter
TlsAlloc
GetModuleFileNameA
GetACP
VirtualAlloc
TlsFree
GetDiskFreeSpaceW
WriteFile
GetCurrentProcess
GetEnvironmentStringsW
GetLocaleInfoA
VirtualQuery
GetVersionExA
TlsGetValue
TerminateProcess
HeapSize
GetFileType
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

GetDlgItem
EnumChildWindows
DestroyWindow
IsWindow
CreateWindowExW
SendMessageA
GetWindowThreadProcessId

Sections

.text
Size: 134KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41fc393d494d1b95f0ecac98714edbff

Headers

File Characteristics

Imports

kernel32

shell32

newdev

mprapi

iphlpapi

setupapi

user32

Sections

.text Size: 134KB - Virtual size: 277KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 132KB - Virtual size: 132KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 134KB - Virtual size: 277KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 132KB - Virtual size: 132KB

.rsrc
Size: 512B - Virtual size: 4KB