c9bbdf3e183d6dcf2f42f41c96475b4aaa6df6615c1a0affca13f031c5a4b8c3

Sharing

Copy URL Twitter E-mail

General

Target

c9bbdf3e183d6dcf2f42f41c96475b4aaa6df6615c1a0affca13f031c5a4b8c3
Size

1015KB
MD5

4f88b776daeeb7d2caaedb8c17b207e5
SHA1

69f6754477ba0696a92b70a8a2f906caf2f796a2
SHA256

c9bbdf3e183d6dcf2f42f41c96475b4aaa6df6615c1a0affca13f031c5a4b8c3
SHA512

55a1e850d93fdd63b2ed0a2dfb0f315992d4c2b0cf48cde3eace760f0d33ee1b395132576bb84bea105e53caff6a4fbb040bff45c6d6c11e812ce58d0c079536
SSDEEP

24576:rGKf4EqIXcfPxARBNP7o9aqSDtTdOQXvAmdi2:yKZ1M9aHDtTdOQXvLi2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9bbdf3e183d6dcf2f42f41c96475b4aaa6df6615c1a0affca13f031c5a4b8c3

Files

c9bbdf3e183d6dcf2f42f41c96475b4aaa6df6615c1a0affca13f031c5a4b8c3
.exe windows x86

16d689c642412331a18a3a7a7f18b12b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
lstrcpyW
DeleteFileW
FindNextFileW
lstrcmpiW
RemoveDirectoryW
FindClose
FindFirstFileW
CreateToolhelp32Snapshot
Process32NextW
Module32FirstW
Process32FirstW
GetProcAddress
lstrlenW
MultiByteToWideChar
CreateFileW
WideCharToMultiByte
WriteFile
GetModuleHandleW
GetCurrentProcess
FindResourceExW
ReleaseMutex
GetLastError
CreateMutexW
GetCommandLineW
LockResource
InterlockedIncrement
InterlockedDecrement
SizeofResource
GetStringTypeW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReadFile
HeapFree
HeapAlloc
ExitThread
GetCurrentThreadId
CreateThread
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
RaiseException
RtlUnwind
LCMapStringW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
SetFilePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
HeapSize
GetLocaleInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteConsoleW
SetEndOfFile
GetProcessHeap
GetCurrentDirectoryW
GetFileSize
DosDateTimeToFileTime
SystemTimeToFileTime
DuplicateHandle
MulDiv
GetLocalTime
LoadResource
FindResourceW
FreeResource
CloseHandle
GetTempPathW
GetModuleFileNameW
TerminateProcess
OpenProcess
WaitForSingleObject
InterlockedExchange
CreateProcessW

user32

IsZoomed
MessageBoxW
SetWindowRgn
GetKeyState
DestroyWindow
ReleaseDC
GetDC
GetUpdateRect
BeginPaint
EndPaint
IsRectEmpty
UpdateLayeredWindow
InvalidateRect
MapWindowPoints
GetCursorPos
GetFocus
SetTimer
KillTimer
SetCapture
ReleaseCapture
PtInRect
IntersectRect
CharNextW
MoveWindow
CreateCaret
ShowCaret
HideCaret
SetCaretPos
IsIconic
RegisterClassExW
DrawTextW
OffsetRect
SetRect
CharPrevW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
InvalidateRgn
CreateAcceleratorTableW
DrawIconEx
GetWindowRect
DispatchMessageW
TranslateMessage
SetFocus
GetMessageW
EnableWindow
GetWindow
IsWindow
SetWindowLongW
CreateWindowExW
DefWindowProcW
GetClassInfoExW
RegisterClassW
LoadCursorW
SendMessageW
GetSystemMetrics
GetClientRect
SetCursor
ClientToScreen
InflateRect
PostMessageW
LoadImageW
SetWindowPos
MonitorFromWindow
GetMonitorInfoW
GetPropW
SetPropW
CallWindowProcW
FillRect
GetWindowLongW
ShowWindow
ScreenToClient
PostQuitMessage
GetSysColor
GetParent

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueW

shell32

CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW
ShellExecuteW
SHChangeNotify

ole32

CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CLSIDFromString
CLSIDFromProgID
OleLockRunning

shlwapi

SHDeleteKeyW
PathIsDirectoryEmptyW
PathFileExistsW

wininet

HttpOpenRequestW
HttpSendRequestW
InternetConnectW
InternetOpenW

msimg32

AlphaBlend

gdi32

RestoreDC
Rectangle
SetWindowOrgEx
GetTextMetricsW
GetObjectA
GetDeviceCaps
SelectClipRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
CombineRgn
BitBlt
StretchBlt
SetTextColor
SetBkColor
SetBkMode
SetStretchBltMode
ExtTextOutW
CreateSolidBrush
CreatePenIndirect
MoveToEx
LineTo
RoundRect
DeleteObject
SaveDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreatePen
CreateFontIndirectW
GetStockObject
GetObjectW
CreateDIBSection
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
CreateRoundRectRgn

oleaut32

VariantClear
SysAllocString
VariantInit
SysFreeString

comctl32

_TrackMouseEvent
ord17

gdiplus

GdipCloneBrush
GdipAlloc
GdipDrawString
GdiplusStartup
GdiplusShutdown
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateLineBrushI
GdipDeleteBrush
GdipFree

Sections

.text
Size: 524KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 23KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

16d689c642412331a18a3a7a7f18b12b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

wininet

msimg32

gdi32

oleaut32

comctl32

gdiplus

Sections

.text Size: 524KB - Virtual size: 524KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 23KB - Virtual size: 34KB

.rsrc Size: 368KB - Virtual size: 368KB

.text
Size: 524KB - Virtual size: 524KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 23KB - Virtual size: 34KB

.rsrc
Size: 368KB - Virtual size: 368KB