9e78d92953fd7ab0025a6b0e694725f56bb4290b7d11db87e412e75a7913bb33

Sharing

Copy URL Twitter E-mail

General

Target

9e78d92953fd7ab0025a6b0e694725f56bb4290b7d11db87e412e75a7913bb33
Size

253KB
MD5

a0195c307ecf5ab711f2665a488995f8
SHA1

2e4e2b648de9a6559680eeca146047c1153eafc1
SHA256

9e78d92953fd7ab0025a6b0e694725f56bb4290b7d11db87e412e75a7913bb33
SHA512

d94851d4d883bf5e6c49864f38cd6855d50c6132d98f8015c5d0a9a828ae70f3547878a621e70bdd4d316a1c3ec5337b0c3ec1e4f3055689e5908039fce05b06
SSDEEP

3072:bJZ+K8b9LOMnnqRtsfT5OtL9gsFCOXWLjPROWHrfbuYJCSc5JyPGk82NlTP:6K8bJhnnULz8OmLjPLmcxMyxrP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9e78d92953fd7ab0025a6b0e694725f56bb4290b7d11db87e412e75a7913bb33

Files

9e78d92953fd7ab0025a6b0e694725f56bb4290b7d11db87e412e75a7913bb33
.exe windows:5 windows x86

4fb0bcf26b1d5a4b99e9053f9366e05e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekNamedPipe
GetConsoleAliasExesA
SetComputerNameExA
GetCommState
GetModuleHandleExW
WriteConsoleInputA
CreateHardLinkA
GetTickCount
GetConsoleAliasesLengthA
GetWindowsDirectoryA
GetPriorityClass
GetVolumePathNameW
WideCharToMultiByte
LoadLibraryW
SizeofResource
SetVolumeMountPointA
GetSystemWindowsDirectoryA
GetConsoleAliasExesLengthW
GetNamedPipeInfo
InterlockedExchange
GetLastError
SetLastError
GetProcAddress
VirtualAlloc
PeekConsoleInputW
WriteConsoleOutputCharacterW
BackupWrite
RemoveDirectoryA
EnumSystemCodePagesW
LoadLibraryA
LocalAlloc
SetCalendarInfoW
SetConsoleCtrlHandler
GetNumberFormatW
BeginUpdateResourceA
AddAtomA
FoldStringW
GetOEMCP
FindFirstChangeNotificationA
FreeEnvironmentStringsW
GlobalAddAtomW
AddConsoleAliasA
SetFileAttributesW
CloseHandle
CreateFileA
FindFirstFileW
SetDefaultCommConfigA
BeginUpdateResourceW
FillConsoleOutputCharacterA
SetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetModuleHandleW
Sleep
ExitProcess
GetCommandLineA
GetStartupInfoA
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
SetHandleCount
GetFileType
SetFilePointer
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetModuleHandleA
RtlUnwind
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

user32

ChangeDisplaySettingsW
LoadMenuA
CharToOemBuffW
GetWindowTextLengthW

gdi32

GetCharABCWidthsFloatA
GetBitmapDimensionEx

advapi32

RegOpenKeyA

shell32

ExtractAssociatedIconW

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 571KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fb0bcf26b1d5a4b99e9053f9366e05e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 139KB - Virtual size: 139KB

.data Size: 7KB - Virtual size: 1.5MB

.rsrc Size: 95KB - Virtual size: 571KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 139KB - Virtual size: 139KB

.data
Size: 7KB - Virtual size: 1.5MB

.rsrc
Size: 95KB - Virtual size: 571KB

.reloc
Size: 10KB - Virtual size: 9KB