9c088e4585633a66aaf18228540e96af9f26a2cbb20dda6be8b0ecea2abb4639

Sharing

Copy URL Twitter E-mail

General

Target

9c088e4585633a66aaf18228540e96af9f26a2cbb20dda6be8b0ecea2abb4639
Size

1.6MB
MD5

9dab7bfc3db2097651a6150e6d25d622
SHA1

1e559a656416eab49cb16d338eb4a81a8cd60be4
SHA256

9c088e4585633a66aaf18228540e96af9f26a2cbb20dda6be8b0ecea2abb4639
SHA512

a536a03d8f088461d45a93beeedfa28b3757e6b1203a19474d7da28d6bfad8f4e5eafd07595b5b5e9fafec1c53df4808099733ab8668f3bbc7d5aed5a9dc5f18
SSDEEP

49152:OVeyNlZWW90YMDax6soMbFitlWT2+LEfG:Ae6W1QEtlg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c088e4585633a66aaf18228540e96af9f26a2cbb20dda6be8b0ecea2abb4639

Files

9c088e4585633a66aaf18228540e96af9f26a2cbb20dda6be8b0ecea2abb4639
.exe windows x86

f4672644b96b9bb65276694133d789bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetSystemTime
SetEnvironmentVariableW
WriteConsoleW
HeapSize
CloseHandle
OpenMutexW
QueryDosDeviceW
GetModuleFileNameW
GetEnvironmentVariableW
GetLogicalDriveStringsW
VirtualQuery
GetUserDefaultLangID
WriteFile
CreateFileW
GetModuleHandleExW
CreateMutexW
WaitForSingleObject
ReleaseMutex
GetCurrentProcessId
SetEnvironmentVariableA
GetDriveTypeW
SearchPathW
WaitForMultipleObjects
GetLastError
GetProcAddress
LocalFree
CreateProcessW
GetModuleHandleW
GetExitCodeProcess
FindFirstFileW
GetLongPathNameW
GetShortPathNameW
GetFileAttributesExW
GetCurrentProcess
OpenProcess
GetVolumeInformationW
GetDiskFreeSpaceW
ExpandEnvironmentStringsW
WideCharToMultiByte
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetACP
MultiByteToWideChar
FindNextFileW
FindClose
HeapFree
GetCurrentThreadId
GetVersionExW
GetComputerNameExW
GlobalAlloc
GlobalFree
HeapAlloc
GetProcessHeap
LockResource
GetSystemInfo
LoadResource
FindResourceW
lstrcmpiW
LoadLibraryW
FreeLibrary
ReadFile
SetFileTime
SetFilePointer
SetEndOfFile
GetFileSize
GetFileTime
CreateDirectoryW
GetFullPathNameW
lstrlenW
RemoveDirectoryW
GetTempPathW
GetFileAttributesW
GetSystemDirectoryW
SetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
GetWindowsDirectoryW
SetCurrentDirectoryW
MoveFileExW
CopyFileW
GetTempFileNameW
MoveFileW
LocalFileTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
FreeEnvironmentStringsW
DosDateTimeToFileTime
FileTimeToDosDateTime
LoadLibraryExW
Sleep
InterlockedExchangeAdd
SetEvent
GetTickCount
InitializeCriticalSectionAndSpinCount
ResumeThread
OpenEventW
CreateEventW
ResetEvent
DeviceIoControl
InterlockedExchange
SetLastError
GlobalMemoryStatusEx
RaiseException
DecodePointer
LoadLibraryA
lstrcatW
lstrcpyW
GetFileSizeEx
FormatMessageW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
GetStringTypeW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetLocalTime
OutputDebugStringW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
CreateThread
ExitThread
FreeLibraryAndExitThread
GetStdHandle
GetModuleFileNameA
ExitProcess
GetCurrentThread
GetFileType
HeapReAlloc
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
SetConsoleCtrlHandler
OutputDebugStringA
WaitForSingleObjectEx
FindFirstFileExA
FindFirstFileExW
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
SetStdHandle

user32

UnregisterClassW

shell32

SHGetFolderPathW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4672644b96b9bb65276694133d789bd

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

shell32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 251KB - Virtual size: 250KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 53KB - Virtual size: 53KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 251KB - Virtual size: 250KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 53KB - Virtual size: 53KB