f9763889dce6a86f6e5f735dfde18c85

Sharing

Copy URL Twitter E-mail

General

Target

f9763889dce6a86f6e5f735dfde18c85
Size

166KB
MD5

f9763889dce6a86f6e5f735dfde18c85
SHA1

7008b1f23b09935f2297c647928abf9004fb9e4b
SHA256

5d5a4b67a007867a25150afab3e53dbd49528bc9707b99aff6200174fbd38fe6
SHA512

81cbe4165e8411bcf0c9420fac94d8c776429429783d227e3423b73c793841ebf939737a592b39b74fe05a204577752013113568384b6b3583c66b9abfd08eb1
SSDEEP

3072:vJgyz2K18BiL4btoZLBbLf10il/Zlw6vf2zYCTr79ZB:d2aZLOChdXVZO6qZrhH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9763889dce6a86f6e5f735dfde18c85

Files

f9763889dce6a86f6e5f735dfde18c85
.exe windows:5 windows x86 arch:x86

936f37bea36c622a730c170aa6c54e73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleW
ReplaceTextW
ChooseFontW

gdi32

DeleteColorSpace
GetColorSpace
GetBkMode
GetPaletteEntries
DeleteObject
CreatePenIndirect
GetBitmapBits
CreateCompatibleBitmap
TranslateCharsetInfo
SetWindowExtEx
UnrealizeObject

shlwapi

PathGetArgsW
StrCpyW
PathGetCharTypeW

user32

GetSysColor
CallWindowProcA
SendMessageA
GetDC
GetKeyNameTextW
SetWindowTextA
GetClassInfoExA
GetSystemMetrics
TranslateAcceleratorA
GetWindowLongA
LookupIconIdFromDirectory
RegisterClassW
GetAsyncKeyState
LoadStringW

kernel32

GetTapeStatus
SetHandleInformation
SetThreadPriority
GetACP
CreateNamedPipeA
CreateFileMappingW
IsValidCodePage
IsValidLocale
IsBadReadPtr
GetFileAttributesExA
CompareStringA
GlobalMemoryStatusEx
lstrlenW
InitializeCriticalSection

ole32

CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

Exports

Exports

?_Xpasmdud_muieBksH_s@@YGGD@Z
?_Jlzgjbob_stVzeWc@@YGHPAKPAI@Z
_DkkqsmhB_rxfyMHu_cpnne
?_LaKdqtsV_nXebR@@YGDH@Z
?_Zolovjk_mogprxxu@@YGXDUTTNOJ@@@Z
?_ZYbdgmue_kxlztItm@@YGED@Z

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 286B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vars
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

936f37bea36c622a730c170aa6c54e73

Headers

File Characteristics

Imports

comdlg32

gdi32

shlwapi

user32

kernel32

ole32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 286B

.itext Size: 16KB - Virtual size: 16KB

.vars Size: 2KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 209KB

.rsrc Size: 132KB - Virtual size: 132KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 5KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 286B

.itext
Size: 16KB - Virtual size: 16KB

.vars
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 209KB

.rsrc
Size: 132KB - Virtual size: 132KB

.reloc
Size: 4KB - Virtual size: 3KB