1c2a51311891fbf80edc2e6723a523fbe4187b39865448bd43249b6cf0d10f17

Sharing

Copy URL Twitter E-mail

General

Target

1c2a51311891fbf80edc2e6723a523fbe4187b39865448bd43249b6cf0d10f17
Size

604KB
MD5

81877ef8b47ab2bb8c0ac133a85b890d
SHA1

30f09013946c2d0bdd064deb2630830bfd8b7aa1
SHA256

1c2a51311891fbf80edc2e6723a523fbe4187b39865448bd43249b6cf0d10f17
SHA512

130b7797ca5583c432396334ba65db379c9f128291108b31fd2c5908d8e435f2197490c1a2e43da8e4782e1d1ec5d61066542a9405c0d75a8731f87e26125464
SSDEEP

6144:VMy31jVK0Kyt1VvMuzBV+UdvrEFp7hKViq:VMy31pK0Kyt1VpzBjvrEH7eiq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c2a51311891fbf80edc2e6723a523fbe4187b39865448bd43249b6cf0d10f17

Files

1c2a51311891fbf80edc2e6723a523fbe4187b39865448bd43249b6cf0d10f17
.exe windows:5 windows x86 arch:x86

fa3484ad926e12f9fe08d941dc80f408

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstChangeNotificationA
GetLastError
AddAtomW
EnumTimeFormatsW
ExitProcess
FindAtomA
GetSystemTimeAdjustment
LoadLibraryA
GetProcAddress
GetTickCount
FillConsoleOutputCharacterW
GlobalAlloc
FindFirstChangeNotificationW
GetCurrentDirectoryW
GetModuleHandleW
CreateFileA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
SetLastError
CloseHandle
LocalFree
RaiseException
RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
ReadFile
Sleep
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers
InitializeCriticalSectionAndSpinCount

user32

GetRegisteredRawInputDevices
GetRawInputDeviceInfoW
ScrollWindow
UpdateWindow
LoadIconA
GetNextDlgGroupItem
GetAltTabInfoA
GetMessageExtraInfo
SetParent
SetThreadDesktop
GetThreadDesktop

gdi32

FillPath
StretchBlt

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mysec3
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 433KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fa3484ad926e12f9fe08d941dc80f408

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 81KB - Virtual size: 81KB

.data Size: 6KB - Virtual size: 166KB

.mysec3 Size: 512B - Virtual size: 4B

.rsrc Size: 433KB - Virtual size: 432KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 81KB - Virtual size: 81KB

.data
Size: 6KB - Virtual size: 166KB

.mysec3
Size: 512B - Virtual size: 4B

.rsrc
Size: 433KB - Virtual size: 432KB

.reloc
Size: 6KB - Virtual size: 6KB