9ac13a1920ed9f0090c1f3d2b0d229a27f56f97eea587399f2d7159499b919b6

Sharing

Copy URL Twitter E-mail

General

Target

9ac13a1920ed9f0090c1f3d2b0d229a27f56f97eea587399f2d7159499b919b6
Size

222KB
MD5

53cf3066adf2cbf0d21db86c64a73cde
SHA1

6bfa9ddc285ba1f4333b12dc2aea7cb591ca023b
SHA256

9ac13a1920ed9f0090c1f3d2b0d229a27f56f97eea587399f2d7159499b919b6
SHA512

646333a4ca540d4d56aec00d832a470724c33187aa19159e3d8c7f093f6024b996b16c481bd0997f0332ba326e832e1cbb1a18f336498f70e345e17ca71a24e0
SSDEEP

6144:Bv+UkRY33igfgswQBxY5/OUuMIcmxcAu6bgnN+9:JGRY3VpwUFCADbg49

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ac13a1920ed9f0090c1f3d2b0d229a27f56f97eea587399f2d7159499b919b6

Files

9ac13a1920ed9f0090c1f3d2b0d229a27f56f97eea587399f2d7159499b919b6
.exe windows x86

1f5d1bc50abef11874969c383dad4273

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
lstrlenA
GetModuleFileNameA
MultiByteToWideChar
lstrlenW
GetLastError
InitializeCriticalSection
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
IsDBCSLeadByte
GetStringTypeW
GetCurrentProcess
LCMapStringW
LCMapStringA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
FlushInstructionCache
DeleteCriticalSection
SetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetCurrentDirectoryA
GetCurrentThreadId
DeleteFileA
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
HeapCreate
GetStdHandle
WriteFile
HeapSize
GetStringTypeA
ExitProcess
HeapReAlloc
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
ExitThread
CloseHandle
ResumeThread
CreateThread
VirtualProtect
GetModuleHandleW
GetSystemInfo
VirtualQuery
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

user32

TranslateMessage
PostMessageA
GetDlgItem
MessageBoxA
LoadImageA
GetSystemMetrics
EnableWindow
PostQuitMessage
DestroyWindow
CharNextA
SetWindowLongA
ShowWindow
PeekMessageA
GetMessageA
UnregisterClassA
DispatchMessageA
CreateDialogParamA
DefWindowProcA
GetParent
GetWindow
GetWindowRect
GetWindowLongA
MonitorFromWindow
GetMonitorInfoA
GetClientRect
MapWindowPoints
SetWindowPos
IsDialogMessageA
SendMessageA

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

liteunzip

UnzipItemToFileA
UnzipOpenFileA
UnzipGetItemA
UnzipClose

urlmon

URLDownloadToFileA

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f5d1bc50abef11874969c383dad4273

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

liteunzip

urlmon

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 138KB - Virtual size: 137KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 138KB - Virtual size: 137KB

.reloc
Size: 6KB - Virtual size: 6KB