9dc5a63e3a44e7e0bcf7d66722403789

General

Target

9dc5a63e3a44e7e0bcf7d66722403789
Size

268KB
MD5

9dc5a63e3a44e7e0bcf7d66722403789
SHA1

9b1258d6c68c9947ea956f928579d0c9162aed6a
SHA256

5a237d75a5dba3d1d2447773e1191808081c7b5f117d5969563cd6fdd94e0f42
SHA512

3ed2cac247d46f39ac83a89ba448e95a0f490a945b2af2be2eb50b5cb30394106df0cc2a6f5b901e73c7cbba1f8fa76ad8473b8e7287d2ebd78ec50c3f62ddca
SSDEEP

3072:TZt55r755rTcOdsOmsppS1Fuiv89JC9Crnm8vwardyBX47GSODRXw3pjd:TPrHrIOnAuhgCrNwarYaaSOVgZh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9dc5a63e3a44e7e0bcf7d66722403789

Files

9dc5a63e3a44e7e0bcf7d66722403789
.exe windows:4 windows x86 arch:x86

bd788a6b0acf5a7a1e70dcc431247b11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

FreeLibrary
FindResourceExA
LoadLibraryA
FreeResource
SizeofResource
LockResource
LoadResource
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
Sleep
ExitProcess
GetCommandLineA
GetTempPathA
GetModuleHandleA
CloseHandle
WaitForSingleObject
CreateProcessA

user32

PostQuitMessage
DefWindowProcA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
SetDlgItemTextA
LoadBitmapA
GetClientRect
FillRect
ShowWindow
PostMessageA
GetDlgItem
SendMessageA
GetParent
EndDialog
LoadStringA
MessageBoxA
GetDesktopWindow
DialogBoxParamA

gdi32

CreatePatternBrush
CreatePen
SetBkMode
SetTextColor
DeleteObject

msvcr71

__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
__p__fmode
__set_app_type
_onexit
_controlfp
__dllonexit
strncpy
strstr
strcpy
_chdir
strlen
sprintf
memset
_beginthread
_endthread
fclose
fflush
fwrite
fopen
_splitpath
__security_error_handler
_except_handler3
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_strupr

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd788a6b0acf5a7a1e70dcc431247b11

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

msvcr71

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 248KB - Virtual size: 246KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 248KB - Virtual size: 246KB