09566d50096461015a9b043dcf38ab8a

Sharing

Copy URL Twitter E-mail

General

Target

09566d50096461015a9b043dcf38ab8a
Size

537KB
MD5

09566d50096461015a9b043dcf38ab8a
SHA1

c1415f46fc45eae7ade4542b13946ef5da54154a
SHA256

d701bffab405195033a6e23daccbaef2174da9e4484ac44a4e26d0237e09db21
SHA512

6ed85fce405da1cb91ba5e345a4746a2e185a797436a6e407c73b39c727d4509733ebd6cc19dbc5add89eb901b929a3371b476861c50c5e43ff7f9b010cd2261
SSDEEP

12288:2RQtUG/bbBf9scA/gdGV/eg3kKuoqhycxPcM1ipD/:yQ6ab99a/gdOeg3kKuoWx5kpD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09566d50096461015a9b043dcf38ab8a

Files

09566d50096461015a9b043dcf38ab8a
.exe windows:4 windows x86 arch:x86

b333c8eaf90f60d23b06e255dcd285f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconEx

comdlg32

GetSaveFileNameW
FindTextW

kernel32

TlsAlloc
TlsFree
EnumSystemLocalesA
FreeEnvironmentStringsW
GetVersionExA
ReadFile
SetFilePointer
MultiByteToWideChar
GetModuleHandleA
GetModuleFileNameW
TlsSetValue
GetFileType
GetEnvironmentStringsW
GetCurrentThreadId
CreateMutexA
QueryPerformanceCounter
GetUserDefaultLCID
HeapReAlloc
FlushFileBuffers
InitializeCriticalSection
GetTimeFormatA
GetStartupInfoW
HeapAlloc
CompareStringW
EnterCriticalSection
OpenProcess
HeapCreate
SetStdHandle
LCMapStringA
TerminateProcess
GetCommandLineW
CreateFileW
LCMapStringW
GetModuleFileNameA
LoadLibraryA
ExitProcess
SetLastError
GetStdHandle
HeapFree
GetStringTypeW
GetCurrentProcessId
FindClose
VirtualQuery
IsValidCodePage
CloseHandle
GetCurrentThread
FreeEnvironmentStringsA
DeleteCriticalSection
GetLocaleInfoA
HeapDestroy
GetProcAddress
LeaveCriticalSection
VirtualAlloc
GetEnvironmentStrings
GetLocaleInfoW
GetStringTypeA
SetHandleCount
UnhandledExceptionFilter
GetCommandLineA
IsValidLocale
SetEnvironmentVariableA
GetTimeZoneInformation
GetTickCount
CompareStringA
GetOEMCP
GetCurrentProcess
OpenMutexA
GetLastError
VirtualProtect
VirtualFree
WideCharToMultiByte
GetACP
WriteFile
GetSystemInfo
GetStartupInfoA
HeapSize
GetCPInfo
GetDateFormatA
RtlUnwind
TlsGetValue
IsBadWritePtr
InterlockedExchange
GetSystemTimeAsFileTime

gdi32

RoundRect
GetTextColor
GetTextMetricsA
GetPaletteEntries
CreateHalftonePalette
SetMapMode
ResizePalette
GetBoundsRect
GetStockObject
SetDIBits

user32

RegisterClassA
InvalidateRect
GetMenuStringA
DdeSetQualityOfService
DlgDirListComboBoxA
wsprintfA
GetActiveWindow
CharPrevExA
EnableMenuItem
UnregisterHotKey
InvalidateRgn
GetMenuItemInfoA
DestroyAcceleratorTable
GetUpdateRect
SetMenuInfo
IsClipboardFormatAvailable
DdeQueryStringW
SetProcessDefaultLayout
IsWindow
RegisterClassExA
SetMenuItemBitmaps
IsCharLowerA
GetUserObjectInformationW
InSendMessage
GetDlgItemTextA
GetClipCursor

comctl32

InitCommonControlsEx

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b333c8eaf90f60d23b06e255dcd285f0

Headers

File Characteristics

Imports

shell32

comdlg32

kernel32

gdi32

user32

comctl32

Sections

.text Size: 344KB - Virtual size: 343KB

.rdata Size: 8KB - Virtual size: 22KB

.data Size: 179KB - Virtual size: 179KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 344KB - Virtual size: 343KB

.rdata
Size: 8KB - Virtual size: 22KB

.data
Size: 179KB - Virtual size: 179KB

.rsrc
Size: 4KB - Virtual size: 3KB