9640b9ae3813210cd1c683cd92a652882818ab464c7e4cb3a1a019ef77b58b1e

Sharing

Copy URL Twitter E-mail

General

Target

9640b9ae3813210cd1c683cd92a652882818ab464c7e4cb3a1a019ef77b58b1e
Size

328KB
MD5

572348f47b912d6b95d733a41a8dc44e
SHA1

b9e87f0c0f66e47df15c3ac68587aa1ff461c270
SHA256

9640b9ae3813210cd1c683cd92a652882818ab464c7e4cb3a1a019ef77b58b1e
SHA512

6d88bffb5b6c95343dda486e0b9fd84b00dab5b36fae59c9f59963c6e47c617d63aa12756751b42f995fdda909bf6705cdba073f42bec53afb9eb31cb056e9e6
SSDEEP

6144:GYRH41RYVQltqFArQgjCB/Fkj+5/Ve7w+tCBYOi71prbw:GaY1R+qGAljU95luwgVOaprk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9640b9ae3813210cd1c683cd92a652882818ab464c7e4cb3a1a019ef77b58b1e

Files

9640b9ae3813210cd1c683cd92a652882818ab464c7e4cb3a1a019ef77b58b1e
.exe windows:5 windows x86

c65aa68949c3a73a3696dcfae3566774

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
WriteConsoleW
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
Sleep
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapCreate
HeapReAlloc
VirtualAlloc
CreateFileA
CloseHandle
FlushFileBuffers
OpenFileMappingA
MapViewOfFile
GetLastError
GetCurrentProcess
SetPriorityClass
GetPriorityClass
lstrcpyA
LoadLibraryW
GetProcAddress
HeapAlloc
IsValidCodePage
lstrlenA
SetConsoleTitleA
SetCurrentDirectoryA
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
GetCurrentDirectoryA
GetLogicalDriveStringsW
GetModuleHandleA
GetCurrentProcessId
LoadLibraryA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
HeapFree
GetStartupInfoA
GetCommandLineA
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess

user32

GetDlgItem
BeginPaint
GetSystemMenu
FindWindowExA
LoadCursorA
RegisterClassA
DefWindowProcA
wsprintfA
DrawIcon
CreateIconIndirect
GetIconInfo
DialogBoxParamA
PostQuitMessage
DeleteMenu
InsertMenuA
SendMessageA
DestroyWindow
GetClientRect
MoveWindow
ShowWindow
SendDlgItemMessageA
CreateWindowExA
MessageBoxA
CreateMenu
IsDlgButtonChecked
SetDlgItemTextA
EnableWindow
DdeImpersonateClient
GetWindowTextLengthA
DdeKeepStringHandle
DdeNameService
LoadBitmapA
GetMenuCheckMarkDimensions
LoadIconA
GetDC
ReleaseDC
SetWindowTextA
DrawIconEx
EndPaint
GetSystemMetrics
GetDlgItemTextA
GetForegroundWindow
DrawTextA
FindWindowA
SetForegroundWindow
GetCursorPos
GetWindowRect
GetMessageExtraInfo
mouse_event
UpdateWindow
LoadStringA
GetCursorInfo

gdi32

GetTextMetricsA
SetTextAlign
SetViewportOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32A
CreateFontA
SetBkMode
SetTextColor
DeleteObject
CreateDCA
GetDeviceCaps
BitBlt
GetPixel
RoundRect
CreateFontIndirectA
SelectObject
GetStockObject
CombineRgn

advapi32

RegSetKeySecurity

shell32

SHGetFolderPathW

wininet

InternetConnectA
InternetOpenA
HttpOpenRequestA
HttpSendRequestA
FtpDeleteFileA

msacm32

acmMetrics
acmFormatEnumA

comctl32

ImageList_ReplaceIcon
ImageList_Create
ord17
ImageList_Add

pdh

PdhBrowseCountersA

gdiplus

GdiplusStartup

uxtheme

GetThemeInt

wsnmp32

ord606
ord605

rasapi32

RasGetErrorStringA
RasHangUpA
RasDialA

sensapi

IsNetworkAlive

Exports

Exports

Exception

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c65aa68949c3a73a3696dcfae3566774

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

wininet

msacm32

comctl32

pdh

gdiplus

uxtheme

wsnmp32

rasapi32

sensapi

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 6KB - Virtual size: 12KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 181KB - Virtual size: 181KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 6KB - Virtual size: 12KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 181KB - Virtual size: 181KB

.reloc
Size: 10KB - Virtual size: 10KB