9ab0acf6636d1196e72a553c47bb42b6[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9ab0acf6636d1196e72a553c47bb42b6.exe
Size

280KB
MD5

9ab0acf6636d1196e72a553c47bb42b6
SHA1

402eb3a46942fef9b0742213e3161fc4f7737bb7
SHA256

e193ea57d97c43c55d35817e1678a1f51d5f07f1895a4b8ad4ca7a1fab274d6b
SHA512

b40b24bf84b45659334f7b2e1e3fa3f1db56f673dd851afa92d41807f0d992b2d5c88298c752e44de8eb63f99b78a762d132a60858370f6c967d864742262b8e
SSDEEP

6144:l7gldFhjXHI1pQbjjjfnee+k1RFUKd/KMN:pgbFpXIzQbjjyeF1jiM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ab0acf6636d1196e72a553c47bb42b6.exe

Files

9ab0acf6636d1196e72a553c47bb42b6.exe
.exe windows:5 windows x86 arch:x86

dff9f0318f3ab84d1f4eabb956fd8722

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalUnlock
FindFirstFileW
SetThreadContext
WriteConsoleInputW
GetStringTypeA
CommConfigDialogA
DebugActiveProcessStop
ConvertThreadToFiber
GlobalAddAtomA
InterlockedIncrement
HeapFree
GetEnvironmentStringsW
GetFileAttributesExA
GetModuleHandleW
ReadConsoleW
GetCompressedFileSizeW
GetCommandLineA
GetConsoleCP
GlobalAlloc
SetFileShortNameW
LoadLibraryW
GetLocaleInfoW
ReadFileScatter
SetVolumeMountPointA
DeleteVolumeMountPointW
GlobalFlags
GetConsoleAliasW
GetModuleFileNameW
FlushFileBuffers
GetShortPathNameA
GetNamedPipeHandleStateW
GetCPInfoExW
GetLastError
GetCurrentDirectoryW
SetLastError
SetComputerNameA
OpenWaitableTimerA
LoadLibraryA
WriteConsoleA
FindNextFileA
FindFirstVolumeMountPointA
GetModuleHandleA
UpdateResourceW
VirtualProtect
GetCPInfoExA
GetWindowsDirectoryW
GetProfileSectionW
CreateFileW
SetStdHandle
SetFilePointer
WriteConsoleW
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
MoveFileA
HeapReAlloc
HeapSetInformation
GetStartupInfoW
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapSize
GetProcAddress
ExitProcess
HeapCreate
HeapDestroy
RaiseException
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
FatalAppExitA
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
SetConsoleCtrlHandler
FreeLibrary
LCMapStringW
GetConsoleMode
ReadFile
CloseHandle
DeleteFileA

user32

CharUpperBuffW
CharToOemBuffW
GetNextDlgTabItem

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tiy
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dff9f0318f3ab84d1f4eabb956fd8722

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 129KB - Virtual size: 129KB

.data Size: 91KB - Virtual size: 4.8MB

.tiy Size: 512B - Virtual size: 1B

.rsrc Size: 58KB - Virtual size: 58KB

.text
Size: 129KB - Virtual size: 129KB

.data
Size: 91KB - Virtual size: 4.8MB

.tiy
Size: 512B - Virtual size: 1B

.rsrc
Size: 58KB - Virtual size: 58KB