7009aaef45e2994dc5d0eb44a7722eca

Sharing

Copy URL Twitter E-mail

General

Target

7009aaef45e2994dc5d0eb44a7722eca
Size

11KB
MD5

7009aaef45e2994dc5d0eb44a7722eca
SHA1

4551370b3cb6e97ff2123f070e041c6681091a4c
SHA256

e09d4fa496b23cec010db88b62b3e74e7109fe6e7e30f6a10445eeca089fdbe4
SHA512

8dd75a5280a3cb16d0414f0ecc84dd3c21507aeeb08e1f043fae9b46900ca0d1b2747768a805b8f6d1f53e9a4e7bc585ff4ca2d235cf1dbc219c564210ef0f0e
SSDEEP

192:M9IUp+3DHD1TrKhAe9n6u4kdLgdvPFsu+XNbqckh/hPD+Qf5YjNqwE:tUpY1vKhAin6u4uoaPE1h/XWjNm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7009aaef45e2994dc5d0eb44a7722eca

Files

7009aaef45e2994dc5d0eb44a7722eca
.exe windows:4 windows x86 arch:x86

1ccd8bcd354079cbaf1e85233de82c9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
SetEvent
GetUserDefaultLCID
CreateEventA
TlsFree
GetTempFileNameA
InterlockedDecrement
HeapReAlloc
GetStdHandle
_lwrite
SetStdHandle
SetLocalTime
UnlockFile
ReadFile
LoadLibraryExA
VirtualQuery
GetFullPathNameA
GetFileTime
ResetEvent
LockFile
VirtualProtect
GlobalHandle
CreateFileA
FindResourceA
GetACP
InitializeCriticalSection
CreateThread
HeapCreate
GetCurrentDirectoryA
ReleaseSemaphore
GetLocaleInfoA
ExitProcess
LockResource
CreateProcessW
HeapFree
_lclose
GetStartupInfoA
GetEnvironmentStrings
Sleep
lstrcmpA
GetTimeZoneInformation
SetLastError
TlsSetValue
GetStringTypeA
InterlockedIncrement
GetProfileStringA
_lread
GlobalSize
GetTempPathA
IsBadReadPtr
TlsAlloc
TerminateProcess
SetEnvironmentVariableA
LCMapStringW
GetModuleFileNameA
GetOEMCP
SizeofResource
DuplicateHandle
SetErrorMode
FileTimeToLocalFileTime
LeaveCriticalSection
SetHandleCount
GetCurrentProcessId
GetFileAttributesA
GetDriveTypeA
GetDateFormatA
CreateProcessA
FreeResource
GetStringTypeExA
GlobalAddAtomA
GetSystemDefaultLangID
FileTimeToSystemTime
FreeLibrary
FindClose
lstrcpynA
VirtualAlloc
EnterCriticalSection
LoadResource
GetVersion
WideCharToMultiByte
SystemTimeToFileTime
ExitThread
ResumeThread
GlobalAlloc
FlushFileBuffers
CompareStringA
GetModuleFileNameW
GetUserDefaultLangID
GetSystemDirectoryA
WaitForSingleObject
MulDiv
GetSystemDefaultLCID
GetStringTypeW
CreateSemaphoreA
GetModuleHandleA
GetFileType
GetLocalTime
GetVersionExA
GlobalUnlock
MoveFileA
GetProcAddress
FindNextFileA
GetLastError
FlushInstructionCache
GetExitCodeProcess
RtlUnwind
GlobalLock

ddraw

DirectDrawEnumerateA

msi

MsiConfigureFeatureW
MsiAdvertiseProductW
MsiDatabaseCommit

user32

CallMsgFilterA

samlib

SamRemoveMultipleMembersFromAlias
SamTestPrivateFunctionsUser
SamiEncryptPasswords
SamConnectWithCreds

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ccd8bcd354079cbaf1e85233de82c9b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ddraw

msi

user32

samlib

Sections

.text Size: 1KB - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 872KB

.reloc Size: 512B - Virtual size: 64B

.rdata Size: 35KB - Virtual size: 35KB

.rsrc Size: 358KB - Virtual size: 358KB

.text
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 872KB

.reloc
Size: 512B - Virtual size: 64B

.rdata
Size: 35KB - Virtual size: 35KB

.rsrc
Size: 358KB - Virtual size: 358KB