1b5628a05b552fd949e10253b60f72a15aea6b479450c87549cce344cee46634

Sharing

Copy URL Twitter E-mail

General

Target

1b5628a05b552fd949e10253b60f72a15aea6b479450c87549cce344cee46634
Size

161KB
MD5

43b2cc4f5d21f44b6b8b7c501279f42f
SHA1

20c896efbb2787e81cd40afa7631c8fd5c3f3edc
SHA256

1b5628a05b552fd949e10253b60f72a15aea6b479450c87549cce344cee46634
SHA512

227ec2672f694aa6be5593f50fac1d19506dae0f0d2aaccdb32c15e96647483e9a409e8a23d662aee9c0a7f0c45f98737dc2ef08b145294cbe4ea27250fe8686
SSDEEP

3072:4nfSQ+OlipaFk+7eJdVtl1ZJh0pbq12Oxm7ltcIQe13zV0ILrJLNfo:7Q+7aFOVtl1ZJhu3Am77RQypLlLNQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b5628a05b552fd949e10253b60f72a15aea6b479450c87549cce344cee46634

Files

1b5628a05b552fd949e10253b60f72a15aea6b479450c87549cce344cee46634
.dll windows:4 windows x86 arch:x86

926e9a8edda7808bd61292812e2f8e1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

wcschr
_adjust_fdiv
malloc
_initterm
free
strlen
strchr
strrchr
wcsrchr
wcstoul
memset
wcsstr
wcstol

kernel32

DeleteFileW
WideCharToMultiByte
CreateFileA
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleW
MulDiv
lstrcpyW
GlobalAlloc
LoadLibraryW
GetProcAddress
lstrcmpiW
lstrlenW
WriteFile
ReadFile
lstrcmpW
lstrcpynW
GetLastError
CreateFileW
GlobalFree
CloseHandle
SleepEx
SetFilePointer
GetTickCount
lstrcatW
GetFileSize

�

MessageBoxW
GetParent
ShowWindow
SetWindowLongW
IsWindow
SetWindowTextW
SendDlgItemMessageW
GetDlgItem
PostMessageW
GetWindowTextW
SendMessageW
SetDlgItemTextW
SetWindowPos
SystemParametersInfoW
GetClientRect
GetWindowRect
SetTimer
LoadIconW
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
IsWindowVisible
EnableWindow
CreateDialogParamW
FindWindowExW
eDi
wsprintfW
GetWindowLongW

iaofu�wcstablwindo

uWin�
�$�7ryWwLomerle
te
tx7
l3��3��
t�undoFil�t�uFilCund
u
t��uFPo$7u�u
u�Fi��at�:�l3n7SFPo
$7usWidreo$7u�7x
oFundo$u�E�l3uFundi�lu�E
lu�E
do$u
t��o$7lkAAW
�
�
rteDDiAee

lwindo

ord17

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

926e9a8edda7808bd61292812e2f8e1e

Headers

File Characteristics

Imports

msvcrt

kernel32

�

iaofu�wcstablwindo

lwindo

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB