01c9936f2a1449a263467458e7c5d070 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01c9936f2a1449a263467458e7c5d070
Size

745KB
MD5

01c9936f2a1449a263467458e7c5d070
SHA1

e23e898433d08938a9405782df391b313226090a
SHA256

48e0ba8c959f9cc9ec53c78a2c2c31c49e5e32536c7607d9ddb0355d4595b020
SHA512

1eff77c13319b79d6bff3b3011a0d3e0c88ea22927b23b9125d8f6b9dcc12ca96d9795a968a2178bd911cd27defd72c97e9953bd82e5da66b672cd360b6ecc90
SSDEEP

12288:DubQpGW0eXnmAR3LCqKp17OZ5eWM43YeCfZl+10T7Xs0RNfBcYdHHNVE6FT6+Qk1:ybQNjmAR+1p2MH9+w3RNfB7BHJV6+nYG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01c9936f2a1449a263467458e7c5d070

Files

01c9936f2a1449a263467458e7c5d070
.exe windows:4 windows x86 arch:x86

ddf8fdcb3a25d13a402121a04c13c459

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomW
WaitForSingleObject
SetLastError
ReadFile
GetEnvironmentVariableA
ExitProcess
GetCommandLineA
SetEndOfFile
DeleteFileW
GetFileAttributesA
SetLastError
IsBadReadPtr
GetCurrentDirectoryA
HeapSize
Sleep
SetFileAttributesW
EnterCriticalSection
CloseHandle
GetFileSize
SuspendThread
VirtualAlloc
GetVersion
RemoveDirectoryA
GetModuleHandleA
CreateFileA

cryptui

DllUnregisterServer
CryptUIWizImport
DllRegisterServer
CryptUIDlgSelectStoreA
CryptUIWizBuildCTL
LocalEnrollNoDS
CryptUIDlgFreeCAContext
CryptUIWizExport
LocalEnroll
CryptUIDlgFreeCAContext
CryptUIDlgViewContext
CryptUIDlgFreeCAContext
CryptUIWizDigitalSign

cmpbk32

PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 737KB - Virtual size: 737KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ