1371f2aa61bcbeb84f1bcfc060fafa1af72dd39e910eee5302b59487d9c32d6c

Sharing

Copy URL Twitter E-mail

General

Target

1371f2aa61bcbeb84f1bcfc060fafa1af72dd39e910eee5302b59487d9c32d6c
Size

194KB
MD5

6aaaf71c8ce3fe440fcfc875be6b6b29
SHA1

2a1e5900b7738d11986cda8c613becfa3d1b0e64
SHA256

1371f2aa61bcbeb84f1bcfc060fafa1af72dd39e910eee5302b59487d9c32d6c
SHA512

41aae1a6a44f406e9ee9c1fbe3677076a3d8cdc8e4b2f8f863f97372be8ef3372119633867a8beddf816994bd3cdf73b42e87d741d3368d719c77addce704d0a
SSDEEP

3072:2LcSLMFU/1QN+wqy6FqB0qsFJXeF7dIHx0OkGumYZw92Dy5CDiE:2LzLCoLhcBbsSFw08u3Z7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1371f2aa61bcbeb84f1bcfc060fafa1af72dd39e910eee5302b59487d9c32d6c

Files

1371f2aa61bcbeb84f1bcfc060fafa1af72dd39e910eee5302b59487d9c32d6c
.exe windows:5 windows x86 arch:x86

e1892e3810428189623a18b210ee9544

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CountClipboardFormats
GetMessageExtraInfo
MsgWaitForMultipleObjects
GetSystemMenu
PtInRect
IsCharAlphaW
SendMessageCallbackA
IsRectEmpty
GetClientRect

urlmon

HlinkSimpleNavigateToString
HlinkSimpleNavigateToMoniker
CoInternetGetProtocolFlags
CoInternetQueryInfo
ObtainUserAgentString
ReleaseBindInfo
CoInternetCreateZoneManager
RegisterMediaTypeClass
UrlMkGetSessionOption
CoInternetGetSession
RegisterFormatEnumerator

shell32

DragAcceptFiles
DragFinish
ExtractIconA
Shell_NotifyIconA
ExtractIconExA
ShellExecuteA

ole32

CoQueryAuthenticationServices
ReadFmtUserTypeStg
CoFileTimeToDosDateTime
StgSetTimes
StgGetIFillLockBytesOnFile
OleGetClipboard

gdi32

CreateCompatibleBitmap
AddFontResourceExW
CreateBrushIndirect
Chord
CloseFigure
AbortDoc
CreateCompatibleDC
CreateDIBitmap

kernel32

HeapSize
SetFilePointer
GetStringTypeW
LCMapStringW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapAlloc
ReadFile
MultiByteToWideChar
LoadLibraryW
SetStdHandle
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapFree
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
CloseHandle
WriteConsoleW
CreateFileW
GetProcAddress
GetDiskFreeSpaceA
lstrlenA
CreateSemaphoreA
AddAtomW
SetVolumeMountPointW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1892e3810428189623a18b210ee9544

Headers

DLL Characteristics

File Characteristics

Imports

user32

urlmon

shell32

ole32

gdi32

kernel32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 9KB - Virtual size: 18KB

.rsrc Size: 142KB - Virtual size: 141KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 9KB - Virtual size: 18KB

.rsrc
Size: 142KB - Virtual size: 141KB