Static task: static1
Behavioral task: behavioral1
Sample: a1e9d61fdf71f7b380acb6b4f4275662.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a1e9d61fdf71f7b380acb6b4f4275662.exe
Resource: win10v2004-20240221-en
General
Target: a1e9d61fdf71f7b380acb6b4f4275662
Size: 87KB
MD5: a1e9d61fdf71f7b380acb6b4f4275662
SHA1: 1bdcaea56cc95d3e311c9d99d3f7c5c209398c67
SHA256: 8f6886f9cdd589d446fe2315fcf080d0fecaabd7d7b50103ccfb9e2fe46c863d
SHA512: 57b56dc7361115a44ca19089cf4b969fbc923fb25fe05f224648df19f9924fa2636b58081c66fcf7442a33cc1a741bb37e35741e8947a566817a1efd9631bc95
SSDEEP: 1536:7BGI5i2hu5/o2SOUo5agDUzrWFK/dco4HLJ9o6rMduv8r//DM0ku8AHo6909RbNy:7BGIjA/p1as+rFWLI6QT/rM/LAz8bNM1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a1e9d61fdf71f7b380acb6b4f4275662
Files
a1e9d61fdf71f7b380acb6b4f4275662.exe windows:4 windows x86 arch:x86
19b79cbd6561abcb8f61ec712a1d8630
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_exit
sprintf
free
memcpy
__setusermatherr
calloc
__getmainargs
abort
fputc
_stricmp
strchr
_adjust_fdiv
__p__fmode
__p__environ
_initterm
_except_handler3
__set_app_type
_acmdln
strstr
memset
__p__commode
_XcptFilter
sqrt
comdlg32
GetOpenFileNameA
kernel32
GetModuleFileNameA
TerminateProcess
GetNumberFormatA
lstrcmpiA
GetFileType
MultiByteToWideChar
GetLocaleInfoW
GetDiskFreeSpaceA
GetTimeZoneInformation
GetStartupInfoA
GetCurrentDirectoryA
UnhandledExceptionFilter
GetConsoleMode
LocalAlloc
GetSystemTime
DeviceIoControl
VirtualQuery
lstrlenA
user32
FrameRect
SetWindowPos
ShowCursor
CallNextHookEx
SetDlgItemTextA
EmptyClipboard
GetSysColor
GetParent
SetWindowLongA
SetFocus
EnableMenuItem
GetSystemMetrics
SendDlgItemMessageA
UnhookWindowsHookEx
DrawTextA
GetLastActivePopup
ole32
DoDragDrop
CoInitialize
CreateILockBytesOnHGlobal
CoInitializeEx
ReleaseStgMedium
CreateStreamOnHGlobal
IsAccelerator
CoTaskMemAlloc
CoTaskMemRealloc
CoInitializeSecurity
CLSIDFromProgID
advapi32
RegOpenKeyExA
InitiateSystemShutdownA
CryptGenRandom
GetSecurityDescriptorDacl
CryptAcquireContextA
SetSecurityDescriptorDacl
RegCreateKeyA
DeleteService
SetSecurityDescriptorGroup
AdjustTokenPrivileges
RegSetValueExA
ControlService
AllocateAndInitializeSid
OpenSCManagerA
RegQueryValueA
comctl32
ImageList_SetIconSize
ImageList_GetBkColor
ImageList_SetDragCursorImage
ImageList_DragEnter
PropertySheetA
ImageList_Draw
ImageList_DragShowNolock
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_DragLeave
ImageList_SetImageCount
ImageList_Write
ImageList_Replace
gdi32
CombineRgn
CreateDIBPatternBrushPt
MaskBlt
GetTextFaceW
GetWindowOrgEx
GetViewportOrgEx
SetPolyFillMode
RemoveFontResourceA
Rectangle
GetClipBox
SetEnhMetaFileBits
OffsetViewportOrgEx
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ