c1e773868d2509babaa11f9f2e7d3e99

Sharing

Copy URL Twitter E-mail

General

Target

c1e773868d2509babaa11f9f2e7d3e99
Size

176KB
MD5

c1e773868d2509babaa11f9f2e7d3e99
SHA1

30fb1f292c81a6c0eadda13e6818566b83a59d60
SHA256

d5c2b2ed52c8594f1e035dcc5bd5566baa2c45bc85ea6e545858e1fde47765c0
SHA512

2a7c1f5410995730256ef4a34a7d99e55268626810263fbeeb1f33c8495ebc895359be629860d84bcde7314875efbdcced9c2327ee7ba76c5e5f919e10a10ed2
SSDEEP

3072:CKxRnwyskUKbEueHwTgr6HcJwFKIXgObuoJI0PqihE:lRrsk3EzwTHdhX9bjJ3x2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1e773868d2509babaa11f9f2e7d3e99

Files

c1e773868d2509babaa11f9f2e7d3e99
.dll windows:4 windows x86 arch:x86

c8c3b1f5cf14278f2551baafc6137cd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

time
exit
calloc
tolower
mbstowcs
sqrt
malloc
atol
clock
sprintf
memcpy
wcscspn

kernel32

GetEnvironmentStrings
LocalAlloc
SizeofResource
WriteFile
GetDiskFreeSpaceA
SetErrorMode
HeapFree
GetProcessHeap
VirtualAllocEx
ExitProcess
CreateFileA
DeleteFileA
FindFirstFileA
GetDateFormatA
LoadLibraryA
lstrcatA
GlobalAlloc
GetVersion
GetStringTypeW
IsBadReadPtr
GlobalAddAtomA
WaitForSingleObject
LocalReAlloc
ReadFile
LoadLibraryExA

user32

PeekMessageW
PostQuitMessage
GetSystemMetrics
ShowOwnedPopups
CreateIcon
LoadBitmapA
GetScrollPos
GetMenu
GetWindowTextLengthA
CloseClipboard
IntersectRect
GetForegroundWindow
GetTopWindow
GetClassNameA
GetMenuStringA
IsCharLowerA
SetWindowPos
CallWindowProcA
PtInRect
FrameRect
IsRectEmpty
SetScrollInfo
MsgWaitForMultipleObjects
GetWindowRect
EndPaint
KillTimer
SetClassLongA
IsIconic
GetWindowPlacement
IsWindowEnabled
CharUpperBuffA
GetSysColor
GetKeyboardLayoutNameA
GetMenuState
GetWindow
MoveWindow
CharUpperA
EndDialog
DefMDIChildProcA
RegisterClipboardFormatA
RemoveMenu
CharNextW
IsDlgButtonChecked
FindWindowA
GetFocus
DrawIcon
GetKeyState
GetMenuItemCount
IsDialogMessageW
MapVirtualKeyA
GetParent
IsWindowVisible
DrawFrameControl
GetSystemMenu
GetCursorPos
WindowFromPoint
PostMessageA
CreatePopupMenu
GetIconInfo
EnumWindows
GetKeyboardLayoutList
MessageBeep
GetActiveWindow

Exports

Exports

_DqR4sISSOk@20
_WwTiHZTjz6Oq@16
Mpf_cGiIH
_z210ur
_SjACTqy04Ov9
QZ03VI6LWPjXe@12
zyi5eBMCCdoh@12
2oM74VY
_qR3RtMw38H
_LdOL_C1BE@4
VBnHIP9NsLOG8@12
_NjLdT895ov@16

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 146KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8c3b1f5cf14278f2551baafc6137cd0

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 12KB

.bss Size: 146KB - Virtual size: 305KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 12KB

.bss
Size: 146KB - Virtual size: 305KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB