09a749c12b13b94702ec3ffe51fedc96

General

Target

09a749c12b13b94702ec3ffe51fedc96
Size

128KB
MD5

09a749c12b13b94702ec3ffe51fedc96
SHA1

ea03704a94218ec59e9ae87fb797feb84b7c829e
SHA256

48f4d495a85162989ef8e71065b7b148c695a90c05ae4945ca7c603cc3538265
SHA512

f776f8aeb7d1618af5d54a9a7b17180a5565e454796660319c7619df55150a0b20c02e1640212bd32fa95633abed11ac4515ac86b972c5a1ed60fb3e04898a5f
SSDEEP

3072:uGZE6He3fbubS6EBKIUSVxF20L9guN0kOb:uFu4ff6EBKbSVD5/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09a749c12b13b94702ec3ffe51fedc96

Files

09a749c12b13b94702ec3ffe51fedc96
.exe windows:1 windows x86 arch:x86

034e0a7fdf076ad5b268ea826dbf8c6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
IsValidCodePage
LocalFree
HeapSize
GetExitCodeThread
LoadLibraryW
WriteConsoleW
GetProcAddress
GetOEMCP
VirtualAlloc
MulDiv
WriteFile
SetEndOfFile
TlsGetValue
CreateFileMappingA
GetCurrentThread
FindResourceA
RtlUnwind
ReadFile
GetModuleHandleA
GetDriveTypeA
LocalAlloc
GetStringTypeExW
lstrcpynA
GetStartupInfoA
WaitForMultipleObjects
WideCharToMultiByte
SetEvent
HeapFree
SetLastError
SetPriorityClass
lstrlenA
GetVersionExA
LCMapStringA
IsBadStringPtrW
FreeEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentStrings
ReadProcessMemory
DeviceIoControl
LoadLibraryA

user32

SetWindowPos
LoadAcceleratorsA
GetSysColor
FindWindowA
DestroyIcon
GetMessageA
BeginPaint
InvalidateRect
MapWindowPoints
ExitWindowsEx
DefMDIChildProcA
InsertMenuA
InflateRect
DrawIconEx
ScreenToClient
GetPropA
FindWindowExA
SystemParametersInfoA
InvalidateRgn
IsIconic
SetFocus
KillTimer
GetSystemMetrics
SetUserObjectSecurity
IsDialogMessageA
LoadCursorA
DeleteMenu
RegisterClassExA
IsWindowVisible
GetKeyState
EnumWindows
SetClassLongA
SetWindowTextA
PostQuitMessage
UnionRect
DestroyWindow
CreateDialogParamA
SendMessageTimeoutA

msvcrt

__p__commode
_controlfp
_XcptFilter
__set_app_type
memcpy
_acmdln
__p__fmode
_initterm
_adjust_fdiv
_except_handler3
__setusermatherr
_exit
__getmainargs
exit

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

034e0a7fdf076ad5b268ea826dbf8c6f

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 56KB

.rsrc Size: 94KB - Virtual size: 93KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 56KB

.rsrc
Size: 94KB - Virtual size: 93KB