9c4fd89696f2b8728894021db97dd0384e8d27981c017e337f6af0a92c8896e7

Sharing

Copy URL Twitter E-mail

General

Target

9c4fd89696f2b8728894021db97dd0384e8d27981c017e337f6af0a92c8896e7
Size

3.8MB
MD5

e9e5a5d8ba6ff2e7009aa9c6f96dd5ba
SHA1

9b6ca8ab5c89f6b4cafa6f0997620a7d4e3de41d
SHA256

9c4fd89696f2b8728894021db97dd0384e8d27981c017e337f6af0a92c8896e7
SHA512

702ff720aad6ceb6860d7390e3ba78d0534515415b5b3ec17e6801a9c58d7f36a80695995a7f812bc9e1622d8036750f4860a9b3146937e9d96f881d8ca736f2
SSDEEP

49152:blTGlVHYFWATbVpYTzBxKdgNHcOMmzZ47n+lMPi4PemUJ1/0S/ddbIStHjULM7N:dGlGRTbVAQM8KzyOMXhUbx/g0DFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c4fd89696f2b8728894021db97dd0384e8d27981c017e337f6af0a92c8896e7

Files

9c4fd89696f2b8728894021db97dd0384e8d27981c017e337f6af0a92c8896e7
.exe windows x86

9008c9b44bb421ac6506caac261e4e65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

winhttp

WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpReadData
WinHttpOpenRequest
WinHttpSetTimeouts
WinHttpConnect
WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpOpen
WinHttpReceiveResponse
WinHttpCrackUrl

advapi32

OpenThreadToken
StartServiceW
QueryServiceStatus
QueryServiceConfig2W
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfig2W
CreateProcessAsUserW
RegEnumValueW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
OpenProcessToken
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
GetUserNameW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
AddAce
CopySid
EqualSid
GetAce
GetAclInformation
GetLengthSid
GetSidLengthRequired
GetSidSubAuthority
GetTokenInformation
InitializeAcl
InitializeSid
IsValidSid
ConvertSidToStringSidW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
ChangeServiceConfigW

gdi32

CreateCompatibleBitmap
StretchBlt
SetBkMode
Rectangle
GetClipBox
CreateBitmap
CreateRoundRectRgn
GetDeviceCaps
SetGraphicsMode
BitBlt
EnumFontsW
DeleteObject
GetObjectW
SetTextColor
DeleteDC
GetStockObject
CreateCompatibleDC
CreateDIBSection
SelectObject
SetViewportOrgEx
GetCurrentObject
GetViewportOrgEx
Arc
CombineRgn
CreateEllipticRgnIndirect
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
Ellipse
ExcludeClipRect
GetClipRgn
GetRgnBox
GetTextColor
GetTextExtentPoint32W
IntersectClipRect
OffsetRgn
Pie
PtInRegion
RectInRegion
RestoreDC
RoundRect
SaveDC
ExtSelectClipRgn
SetRectRgn
SetROP2
GetWorldTransform
SetWorldTransform
ExtCreatePen
Polyline
CreateDIBitmap
CreateDCW
StretchDIBits
CreateFontIndirectW
CreateSolidBrush

kernel32

MoveFileExW
CopyFileW
MultiByteToWideChar
WideCharToMultiByte
TerminateProcess
WaitForSingleObject
DuplicateHandle
OpenProcess
GetStdHandle
AssignProcessToJobObject
ResumeThread
CreateProcessW
ExpandEnvironmentStringsW
GetModuleHandleA
CreateEventW
GetProcAddress
GetDiskFreeSpaceExW
IsDebuggerPresent
SetThreadPriority
GetCurrentThreadId
GetCurrentThread
GetThreadPriority
CreateThread
EnterCriticalSection
LeaveCriticalSection
SetEndOfFile
SetFilePointerEx
FlushFileBuffers
FileTimeToSystemTime
QueryPerformanceFrequency
GetModuleHandleW
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
QueryPerformanceCounter
FindFirstFileW
FindFirstFileExW
FindNextFileW
FindClose
GetProcessId
GetFileAttributesW
Process32NextW
Process32FirstW
GetVersionExW
GetNativeSystemInfo
GetModuleHandleExW
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
LoadLibraryW
GetModuleHandleExA
SetEvent
ResetEvent
GetSystemInfo
OutputDebugStringW
GetSystemDirectoryA
FindResourceExW
LoadResource
LockResource
SizeofResource
GetLocalTime
GetSystemWow64DirectoryW
DeviceIoControl
lstrcpyA
GetModuleFileNameA
VirtualFree
FreeLibrary
LoadLibraryA
IsBadReadPtr
InitializeCriticalSection
OpenThread
SuspendThread
GetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualQuery
VirtualProtectEx
VerifyVersionInfoW
GetSystemDirectoryW
GetWindowsDirectoryW
WriteConsoleW
GlobalAlloc
GetCommandLineA
GetOEMCP
IsValidCodePage
ReadConsoleW
GetDriveTypeW
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
VirtualProtect
GetFileType
SetStdHandle
GetConsoleMode
GetConsoleCP
LoadLibraryExW
RtlUnwind
InitializeSListHead
GetStartupInfoW
WaitForSingleObjectEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
EncodePointer
GetStringTypeW
lstrlenA
lstrcpyW
DosDateTimeToFileTime
SetFilePointer
GlobalUnlock
GlobalLock
GetVersionExA
GetFullPathNameW
FreeResource
HeapCreate
MulDiv
InterlockedDecrement
InterlockedIncrement
GetTempPathW
RemoveDirectoryW
GetCurrentProcess
ReadFile
CreateDirectoryW
LocalFree
GetCommandLineW
GetTickCount
FormatMessageA
GetCurrentProcessId
DeleteFileW
CreateFileW
GetModuleFileNameW
OutputDebugStringA
GetCurrentDirectoryW
SetFileAttributesW
FindResourceW
WriteFile
SetLastError
ExitProcess
Sleep
CreateMutexW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
CloseHandle
DecodePointer
GetLongPathNameW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetEnvironmentVariableW
LoadLibraryExA
CreateToolhelp32Snapshot
VerSetConditionMask

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoCreateGuid
CreateStreamOnHGlobal
PropVariantClear
StringFromGUID2
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear

shlwapi

StrToIntExW
StrIsIntlEqualA

user32

GetMonitorInfoW
GetFocus
CallWindowProcW
GetDlgItem
MapWindowPoints
GetWindow
LoadBitmapW
CreateIconFromResource
GetMessageW
IsWindowVisible
SystemParametersInfoA
CharLowerBuffW
IsMenu
IsWindowEnabled
CreatePopupMenu
DestroyMenu
GetMenuItemCount
AppendMenuW
TrackPopupMenu
GetDC
GetSystemMetrics
DrawTextW
MonitorFromWindow
ReleaseDC
DefWindowProcW
CreateWindowExW
WaitMessage
RegisterClassExW
DispatchMessageW
SetTimer
PeekMessageW
MsgWaitForMultipleObjectsEx
GetWindowRect
GetQueueStatus
TranslateMessage
KillTimer
PostQuitMessage
GetActiveWindow
SystemParametersInfoW
SetWindowLongW
GetWindowLongW
SetWindowPos
DestroyWindow
PostMessageW
wsprintfW
FindWindowW
MessageBoxW
ShowWindow
UnregisterClassW
SendMessageW
GetClassNameW
SetCaretPos
GetParent
HideCaret
GetCaretBlinkTime
LoadImageW
CreateCaret
GetClientRect
SetWindowTextW
InvalidateRect
EndPaint
BeginPaint
GetMenuInfo
SetMenuInfo
GetMenuItemInfoW
SetForegroundWindow
SetMenuContextHelpId
FillRect
InvertRect
DrawIconEx
OemToCharBuffW
CreateIconIndirect
GetCapture
SetFocus
IsZoomed
IsIconic
SetLayeredWindowAttributes
TrackMouseEvent
GetSysColor
UpdateWindow
ReleaseCapture
CallMsgFilterW
SetCapture
LoadCursorW
DestroyCursor
IsWindow
CopyRect
InflateRect
OffsetRect
SetCursor
SetRect
IntersectRect
UnionRect
IsRectEmpty
EqualRect
PtInRect
CharNextW
DestroyIcon
GetIconInfo
GetCursorPos
ScreenToClient
GetKeyState
EnableMenuItem
ClientToScreen

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock
UnloadUserProfile

iphlpapi

GetAdaptersInfo

imm32

ImmReleaseContext
ImmGetContext
ImmAssociateContext

gdiplus

GdipCreateBitmapFromFile
GdipGetImageGraphicsContext
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdipGetImageHeight
GdipFree
GdipAlloc
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdiplusStartup
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipGraphicsClear
GdipDrawImageRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageWidth

msimg32

GradientFill
AlphaBlend

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 872KB - Virtual size: 872KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.6MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.RESS
Size: 10.1MB - Virtual size: 10.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9008c9b44bb421ac6506caac261e4e65

Headers

DLL Characteristics

File Characteristics

Imports

winhttp

advapi32

gdi32

kernel32

ole32

oleaut32

shlwapi

user32

winmm

userenv

iphlpapi

imm32

gdiplus

msimg32

Exports

Exports

Sections

.text Size: 872KB - Virtual size: 872KB

.rdata Size: 227KB - Virtual size: 227KB

.data Size: 2.6MB - Virtual size: 2.7MB

.gfids Size: 1024B - Virtual size: 748B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 384KB - Virtual size: 384KB

.reloc Size: 52KB - Virtual size: 51KB

.RESS Size: 10.1MB - Virtual size: 10.1MB

.text
Size: 872KB - Virtual size: 872KB

.rdata
Size: 227KB - Virtual size: 227KB

.data
Size: 2.6MB - Virtual size: 2.7MB

.gfids
Size: 1024B - Virtual size: 748B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 384KB - Virtual size: 384KB

.reloc
Size: 52KB - Virtual size: 51KB

.RESS
Size: 10.1MB - Virtual size: 10.1MB