9c2b3c96e7762bbaf18a09ed1cdd417ddedc2839f0079b1228a1aa55a7156769

Sharing

Copy URL Twitter E-mail

General

Target

9c2b3c96e7762bbaf18a09ed1cdd417ddedc2839f0079b1228a1aa55a7156769
Size

1.5MB
MD5

7c8866f8f9f0578b431263349297f53a
SHA1

6936b2b91d0eacfdcf22f3b9ddeedd7aad5f42e8
SHA256

9c2b3c96e7762bbaf18a09ed1cdd417ddedc2839f0079b1228a1aa55a7156769
SHA512

f1e9da6d1c63c90a68da39c8d3b3dbe065975f6d66be04713dfa81465f73acd8d735af360ab974549aeeddcb681754b03e0f71907ebeb0a78e9267e8e405c9d1
SSDEEP

24576:EJ7PU5M+ZJFdtBbXJi1ISa/W2UdSxrPQ84mu20T9Jdzos0wYpNC7CZV5Cg6P:sDU5M+Z9tBbXU1ISa/W2UdSxrPQhhndQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c2b3c96e7762bbaf18a09ed1cdd417ddedc2839f0079b1228a1aa55a7156769

Files

9c2b3c96e7762bbaf18a09ed1cdd417ddedc2839f0079b1228a1aa55a7156769
.exe windows:6 windows x86

e1a963ce5169672d3e4b1396638676bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

comctl32

ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ord6
ord17
ImageList_LoadImageA

imm32

ImmAssociateContext

shlwapi

PathUnquoteSpacesA
StrStrIA
StrCmpNIA
PathIsRelativeA
PathCanonicalizeA
PathFindExtensionA
PathAppendA

kernel32

QueryPerformanceCounter
QueryPerformanceFrequency
FindClose
GetUserDefaultLCID
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileStructA
WritePrivateProfileStructA
GetVersionExA
GetLastError
ReleaseMutex
CreateMutexA
GetModuleFileNameA
GetCurrentThreadId
GetLocalTime
CreateFileW
GetFileSize
ReadFile
SetFilePointer
WriteFile
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
CreateFileA
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
GetTempPathW
GetDateFormatW
FileTimeToSystemTime
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
GetConsoleOutputCP
GetFileSizeEx
GetStringTypeW
DecodePointer
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FindNextFileA
FindFirstFileA
SetThreadPriority
CreateEventA
ResetEvent
SetEvent
lstrcmpiA
ResumeThread
TerminateThread
CreateThread
GetProcessHeap
SetConsoleCtrlHandler
OutputDebugStringW
SetStdHandle
SetFilePointerEx
Sleep
WaitForSingleObject
CloseHandle
CreateDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTempPathA
DeleteFileA
lstrlenA
GetFileInformationByHandle
lstrcpyA
ExitProcess
GetModuleFileNameW
GetStdHandle
GetCurrentThread
HeapFree
HeapAlloc
GetConsoleMode
FlushFileBuffers
ReadConsoleW
GetTimeFormatW
FileTimeToLocalFileTime
HeapSize
HeapReAlloc
SetEndOfFile
RaiseException
WriteConsoleW

user32

ShowCursor
FillRect
InvertRect
SetScrollInfo
GetScrollInfo
CheckRadioButton
DrawEdge
ModifyMenuA
EnableMenuItem
DrawMenuBar
GetMenuStringA
InsertMenuA
DeleteMenu
SetMenu
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
CreateWindowExA
RegisterClassExA
PostQuitMessage
GetMenuItemCount
GetMenuItemID
GetMessageA
CheckMenuItem
GetDlgItemInt
SetDlgItemInt
GetAsyncKeyState
SetRect
ClientToScreen
GetCursorPos
GetParent
ReleaseDC
InvalidateRect
TrackPopupMenu
GetSubMenu
TranslateMessage
LoadMenuA
GetSystemMetrics
IsDlgButtonChecked
CheckDlgButton
ScreenToClient
MessageBeep
GetWindowRect
GetWindowTextLengthA
GetFocus
SetFocus
CreateDialogParamA
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
MessageBoxA
GetWindowTextA
SetWindowTextA
EnableWindow
KillTimer
SetTimer
GetDlgItemTextA
DefWindowProcA
PostMessageA
LoadStringA
LoadIconA
LoadCursorA
SetWindowLongA
GetWindowLongA
PtInRect
OffsetRect
SetCursor
GetClientRect
EndPaint
BeginPaint
GetDC
DrawTextA
SendDlgItemMessageA
SetDlgItemTextA
GetDlgItem
EndDialog
DialogBoxParamA
IsWindow
CallWindowProcA
SendMessageA
wsprintfA
DispatchMessageA
RedrawWindow
UpdateWindow
FindWindowA
IsDialogMessageA
SetWindowsHookExA
UnhookWindowsHookEx
DestroyMenu
CallNextHookEx
SetForegroundWindow

gdi32

DeleteObject
SelectObject
CreateFontIndirectA
AnimatePalette
TextOutA
CreatePalette
SelectPalette
RealizePalette
ExtTextOutA
GetSystemPaletteEntries
SetBkMode
SetTextColor
GetObjectA
StretchDIBits
SetBkColor
GetStockObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueExA
RegCreateKeyExA

shell32

DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHGetPathFromIDListA
DragAcceptFiles

ole32

CoCreateInstance
CoInitialize
CoUninitialize

msvfw32

ICCompressorFree
ICCompressorChoose

avifil32

AVIFileInit
AVIFileOpenA
AVIFileRelease
AVIFileCreateStreamA
AVIStreamRelease
AVIStreamSetFormat
AVIStreamWrite
AVIFileExit
AVIMakeCompressedStream

wsock32

WSAGetLastError
WSACleanup
WSAStartup
socket
shutdown
setsockopt
sendto
send
recvfrom
recv
WSACancelAsyncRequest
ioctlsocket
htons
htonl
inet_ntoa
connect
closesocket
bind
accept
inet_addr
WSAAsyncGetHostByName
WSAAsyncSelect
listen

version

GetFileVersionInfoSizeA

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1a963ce5169672d3e4b1396638676bb

Headers

DLL Characteristics

File Characteristics

Imports

winmm

comctl32

imm32

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

msvfw32

avifil32

wsock32

version

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 167KB - Virtual size: 166KB

.data Size: 57KB - Virtual size: 4.4MB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 167KB - Virtual size: 166KB

.data
Size: 57KB - Virtual size: 4.4MB

.rsrc
Size: 5KB - Virtual size: 5KB