1ec5cf969fd1c95b75c077603935993570e1beaa1225725b7111bb526dd94077[.]exe

General

Target

1ec5cf969fd1c95b75c077603935993570e1beaa1225725b7111bb526dd94077.exe
Size

239KB
MD5

125745827f248eac06c4f893b28dc29c
SHA1

e4211489fd4384b8b16541a8c270a5728117c771
SHA256

1ec5cf969fd1c95b75c077603935993570e1beaa1225725b7111bb526dd94077
SHA512

17e97424e19032773303e5a0fcf70facca227fd3e02b77ffdfb314e6bd66e2d01b4a1e2f2224be8fd738031fa425e5fad0ef6c47cb33197079f4e4c6a37c8a55
SSDEEP

3072:s3UgYuzRv2a9YhQlcDABGYaxXu567s3zAAJdE1O7QQAsa1xZzCYK4QWSW/oEQQSX:s3Z5R9xaOEQAsa5pQWSWfQQS1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ec5cf969fd1c95b75c077603935993570e1beaa1225725b7111bb526dd94077.exe

Files

1ec5cf969fd1c95b75c077603935993570e1beaa1225725b7111bb526dd94077.exe
.exe windows:1 windows x86 arch:x86

bf97881302a806c1510680b9870b988b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenServiceA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
DeleteService
RegOpenKeyA

kernel32

CloseHandle
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalFree
SetLastError
WriteFile
CreateFileA
DeleteFileA
GetWindowsDirectoryA
ReadFile
CopyFileA
GlobalAlloc
MoveFileA
GetSystemTime
SetFilePointer
GetFileSize
GetEnvironmentStrings
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
VirtualAlloc
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleA
SetStdHandle
FlushFileBuffers

user32

GetKeyboardType
MessageBoxA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf97881302a806c1510680b9870b988b

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 48KB - Virtual size: 48KB

.bss Size: - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 105B

.data Size: 182KB - Virtual size: 181KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 48KB - Virtual size: 48KB

.bss
Size: - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 105B

.data
Size: 182KB - Virtual size: 181KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB