009fc6d58248cb54f86923aab23612c6

Sharing

Copy URL Twitter E-mail

General

Target

009fc6d58248cb54f86923aab23612c6
Size

326KB
MD5

009fc6d58248cb54f86923aab23612c6
SHA1

d39f4c19b6739b5f41bd0d46d433ed006c049efe
SHA256

e2442c5eda100e60e5410942b6f068f11d197faf739791a9bc11e61623ee6146
SHA512

a5f42401de0fd178c0cebcdf19b2a4ac90743f3af91b39913f11df9d729c4025c51e95dab142a78011af5ec50b3de9d038dba3a8a8eb798f4ee2967df293b4cb
SSDEEP

6144:tCHMSFotQUUoOceyLNqemKygnal4Pe4Baw+1jBRG3Elle0hfPlGPVbeIjZsbUIQ/:tCsqoiUUoOceyLNJmKygnal4PPaD1jBC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
009fc6d58248cb54f86923aab23612c6

Files

009fc6d58248cb54f86923aab23612c6
.exe windows:4 windows x86 arch:x86

90009a4ac495bad49507ad8c6a0823da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalUnlock
GetCurrentThreadId
GetVersionExA
FormatMessageA
GetLastError
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetFullPathNameA
FindClose
FindNextFileA
FindFirstFileA
FreeLibrary
LoadLibraryA
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
CloseHandle
GetExitCodeProcess
SetEnvironmentVariableA
CreateProcessA
MulDiv
TerminateProcess
OpenProcess
GetDiskFreeSpaceA
SetErrorMode
GetVolumeInformationA
GetDriveTypeA
SetVolumeLabelA
DeleteFileA
GetFileAttributesA
MultiByteToWideChar
CreateDirectoryA
SetFileAttributesA
SetFileTime
CreateFileA
LocalFileTimeToFileTime
GlobalLock
RemoveDirectoryA
CopyFileA
MoveFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetLocalTime
GetSystemTime
GetEnvironmentVariableA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
ReadProcessMemory
HeapCreate
HeapDestroy
HeapSize
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetCommandLineA
GetStartupInfoA
HeapReAlloc
GetTimeZoneInformation
HeapAlloc
HeapFree
ExitProcess
VirtualAlloc
WriteFile
GetACP
GlobalFree
GetCurrentDirectoryA
Sleep
GetCurrentProcessId
SetCurrentDirectoryA
GetTickCount
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
ReadFile
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
GetOEMCP
GetCPInfo
SetFilePointer
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
QueryPerformanceCounter
RtlUnwind
InterlockedExchange
SetEndOfFile
VirtualFree
CompareStringA
GetCurrentProcess
CompareStringW

advapi32

RegQueryInfoKeyA
OpenSCManagerA
LockServiceDatabase
UnlockServiceDatabase
CloseServiceHandle
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
RegConnectRegistryA
RegEnumKeyExA
RegEnumValueA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

gdi32

GetPixel
GetTextMetricsA
CreateDCA
GetStockObject
SelectObject
GetTextFaceA
GetDeviceCaps
DeleteDC
DeleteObject
CreateFontA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

shell32

SHFileOperationA
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
Shell_NotifyIconA
DragQueryFileA
ExtractIconA

user32

SystemParametersInfoA
GetSystemMetrics
SendMessageTimeoutA
MessageBoxA
mouse_event
AdjustWindowRectEx
DrawTextA
SetRect
SetWindowTextA
GetWindowRect
GetDesktopWindow
GetQueueStatus
IsWindowVisible
MoveWindow
GetMenuStringA
GetSubMenu
GetMenuItemID
GetMenuItemCount
SetActiveWindow
ScreenToClient
GetParent
SetFocus
GetDlgCtrlID
EnableWindow
IsWindowEnabled
SetWindowLongA
SetWindowPos
GetWindowLongA
GetWindowTextLengthA
EnumWindows
ReleaseDC
GetDC
SetForegroundWindow
IsIconic
GetDlgItem
EnumChildWindows
GetFocus
DefWindowProcA
RegisterWindowMessageA
ReplyMessage
InvalidateRect
SetDlgItemTextA
SendDlgItemMessageA
DialogBoxParamA
GetClientRect
SetMenuDefaultItem
AppendMenuA
DestroyMenu
IsMenu
DeleteMenu
SetMenuItemInfoA
CreatePopupMenu
TrackPopupMenuEx
GetWindow
GetTopWindow
BringWindowToTop
LoadCursorA
IsCharAlphaNumericA
IsCharUpperA
LoadIconA
DestroyWindow
DestroyIcon
IsCharAlphaA
AttachThreadInput
GetKeyboardLayoutNameA
keybd_event
GetKeyNameTextA
VkKeyScanA
MapVirtualKeyA
GetAsyncKeyState
GetKeyboardState
SetKeyboardState
PostQuitMessage
UnregisterHotKey
RegisterHotKey
PostThreadMessageA
SetWindowsHookExA
UnhookWindowsHookEx
GetKeyState
ToAscii
GetWindowTextA
CallNextHookEx
EmptyClipboard
SetClipboardData
GetClipboardData
OpenClipboard
CloseClipboard
FindWindowA
PostMessageA
SendMessageA
GetSysColorBrush
RegisterClassExA
CreateWindowExA
EnableMenuItem
LoadAcceleratorsA
GetCursorPos
WindowFromPoint
ExitWindowsEx
GetCursor
GetMessageA
PeekMessageA
ShowWindow
GetForegroundWindow
GetWindowThreadProcessId
GetClassNameA
IsDialogMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetMenu
CheckMenuItem
IsWindow
EndDialog
KillTimer
SetTimer
IsClipboardFormatAvailable
IsCharLowerA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

winmm

mixerGetControlDetailsA
joyGetPosEx
mixerSetControlDetails
joyGetDevCapsA
mixerClose
mixerGetLineControlsA
mixerGetDevCapsA
waveOutSetVolume
waveOutGetVolume
mixerOpen
mixerGetLineInfoA
mciSendStringA

wsock32

WSAStartup
gethostname
gethostbyname
inet_addr
WSACleanup

Sections

.text
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90009a4ac495bad49507ad8c6a0823da

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

gdi32

ole32

shell32

user32

version

winmm

wsock32

Sections

.text Size: 269KB - Virtual size: 268KB

.rdata Size: 41KB - Virtual size: 40KB

.data Size: 8KB - Virtual size: 28KB

.rsrc Size: 6KB - Virtual size: 12KB

.text
Size: 269KB - Virtual size: 268KB

.rdata
Size: 41KB - Virtual size: 40KB

.data
Size: 8KB - Virtual size: 28KB

.rsrc
Size: 6KB - Virtual size: 12KB