c1d1767e17bf3970167780ca59f6ba30

Sharing

Copy URL

Twitter E-mail

General

Target

c1d1767e17bf3970167780ca59f6ba30
Size

19KB
MD5

c1d1767e17bf3970167780ca59f6ba30
SHA1

18c0a08c9023f529991867663181735993a6b50b
SHA256

3fbb603d6dbecd5ab67446915b76dc8a4f7837025b3c4effa2d724aca652462e
SHA512

42d4f5ba3b53e37b6ab04bab08977431814747b6c9be5e5cab351c7974cf81cf3e27e21ce7de074bd321747be091c7f305be473d2b5c952efa5bd47cb0994c73
SSDEEP

384:+44pf2OhqCyQWi3/0PD6n/LRIPNqgbDfCuM5ogwTSAc7nzstqjhMiqc2ptvLb4Hz:5Mf5h5mPgTRiNNWklc7Xyvtvgz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1d1767e17bf3970167780ca59f6ba30

Files

c1d1767e17bf3970167780ca59f6ba30
.exe windows:5 windows x86 arch:x86

689e4aaf862f7f66bd1092595dbca6fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateBitmap
GetClipBox
SetViewportExtEx
SetBkColor
SetMapMode
TextOutA
SelectObject
SetWindowExtEx
Escape
PtVisible
DeleteDC
GetDeviceCaps
SetTextColor
ScaleViewportExtEx
GetStockObject
SaveDC
ExtTextOutA
RectVisible
OffsetViewportOrgEx
DeleteObject
RestoreDC
GetObjectA
ScaleWindowExtEx
SetViewportOrgEx

advapi32

OpenProcessToken
RegSetValueExA
RegRestoreKeyA
AdjustTokenPrivileges
RegCreateKeyExA
LookupPrivilegeValueA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey

kernel32

FreeEnvironmentStringsW
HeapSize
VirtualFree
MultiByteToWideChar
GetLastError
DeleteCriticalSection
TlsGetValue
CloseHandle
GlobalFlags
FreeLibrary
GetStdHandle
GetProcessVersion
GlobalAddAtomA
lstrlenA
ExitProcess
SetHandleCount
LCMapStringA
LeaveCriticalSection
TlsFree
TerminateProcess
GetWindowsDirectoryA
GlobalLock
LoadLibraryA
TlsSetValue
LocalFree
GlobalGetAtomNameA
GlobalUnlock
GetStringTypeA
GetCPInfo
HeapReAlloc
GetStringTypeW
lstrcpyA
LocalAlloc
lstrcmpA
HeapDestroy
GetCurrentProcess
IsBadWritePtr
GetACP
GetVersionExA
GetCommandLineA
FreeEnvironmentStringsA
EnterCriticalSection
GlobalHandle
GetCurrentThreadId
SetUnhandledExceptionFilter
TlsAlloc
IsBadCodePtr
InterlockedDecrement
GetModuleHandleA
GlobalReAlloc
IsBadReadPtr
VirtualAlloc
GetProcAddress
GlobalFindAtomA
SetLastError
WideCharToMultiByte
GetVersion
GetOEMCP
InitializeCriticalSection
GetEnvironmentStringsW
GlobalDeleteAtom
lstrcatA
GetEnvironmentStrings
GetFileType
GlobalAlloc
LocalReAlloc
GetModuleFileNameA
lstrcpynA
InterlockedIncrement
GlobalFree
HeapCreate
lstrcmpiA
RtlUnwind
FreeConsole
GetEnvironmentVariableA
WriteFile
GetStartupInfoA
RaiseException
HeapFree
LCMapStringW

crypt32

RegQueryValueExU

activeds

FreeADsMem

setupapi

SetupFindFirstLineA
SetupDiEnumDeviceInfo
SetupDiSetDeviceInstallParamsA
SetupGetStringFieldA
SetupDiSetDeviceRegistryPropertyA
SetupCloseInfFile
SetupDiClassGuidsFromNameA
SetupOpenInfFileA
SetupDiSetSelectedDriverA
SetupDiEnumDriverInfoA
SetupDiOpenDevRegKey
SetupDiGetDeviceInstallParamsA
SetupDiBuildDriverInfoList
SetupDiCreateDeviceInfoA
SetupFindNextLine

user32

GetClientRect
GetMessagePos
DispatchMessageA
GetMenu
MessageBoxA
LoadBitmapA
GrayStringA
DrawTextA
LoadIconA
SetPropA
GetWindow
GetCapture
SetMenuItemBitmaps
GetParent
GetSystemMetrics
IsIconic
CopyRect
DestroyMenu
ModifyMenuA
GetFocus
GetClassInfoA
SetWindowTextA
EnableMenuItem
ReleaseDC
UnhookWindowsHookEx
DefWindowProcA
CallWindowProcA
RegisterWindowMessageA
PeekMessageA
CreateWindowExA
GetLastActivePopup
SetForegroundWindow
AdjustWindowRectEx
WinHelpA
GetNextDlgTabItem
GetDlgCtrlID
GetMenuCheckMarkDimensions
GetWindowPlacement
GetDC
SetWindowLongA
RemovePropA
SendMessageA
SetWindowsHookExA
PtInRect
GetDlgItem
GetWindowLongA
IsWindowEnabled
PostMessageA
SetWindowPos
GetClassLongA
DestroyWindow
GetMenuItemCount
GetForegroundWindow
SetFocus
GetMenuItemID
GetWindowRect
GetWindowTextA
GetKeyState
GetPropA
SystemParametersInfoA
GetSubMenu
PostQuitMessage
GetSysColorBrush
RegisterClassA
GetClassNameA
GetMenuState
CallNextHookEx
LoadCursorA
LoadStringA
MapWindowPoints
GetTopWindow
TabbedTextOutA
EnableWindow
ClientToScreen
GetSysColor
CheckMenuItem
GetMessageTime

Sections

.textbss
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

689e4aaf862f7f66bd1092595dbca6fa

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

advapi32

kernel32

crypt32

activeds

setupapi

user32

Sections

.textbss Size: - Virtual size: 80KB

.text Size: 512B - Virtual size: 424B

.rdata Size: 512B - Virtual size: 32B

.data Size: 512B - Virtual size: 196B

.idata Size: 24KB - Virtual size: 23KB

.rsrc Size: 2KB - Virtual size: 1KB

.textbss
Size: - Virtual size: 80KB

.text
Size: 512B - Virtual size: 424B

.rdata
Size: 512B - Virtual size: 32B

.data
Size: 512B - Virtual size: 196B

.idata
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 2KB - Virtual size: 1KB