09ace85815fa85c8291b991475f7cce1

Sharing

Copy URL Twitter E-mail

General

Target

09ace85815fa85c8291b991475f7cce1
Size

148KB
MD5

09ace85815fa85c8291b991475f7cce1
SHA1

888bc7d5a6951071577859c411e6d174c25ae279
SHA256

f0ccfd55f5c6e591cac2f91deffa7a94f8675c7d107a57c214abd9c11ebf4897
SHA512

667da79801f34ded0ede8ff19fa1fe6f7259d832734f3c5dbafa98327d70402e9ed174757b59f1decb85ffd9a59623b496601801f2f7c0145e9b81773ef3c2f1
SSDEEP

3072:4qkgdI4iC3hvu2zl4aLz/tkgZzsC/HgjlRJtslCMdN7EfHiC:151P+MgJFslddN0CC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09ace85815fa85c8291b991475f7cce1

Files

09ace85815fa85c8291b991475f7cce1
.exe windows:5 windows x86 arch:x86

1d85d97a97a86e4d72568e041ae6a6c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetConsoleOutputCP
SetCurrentDirectoryA
OutputDebugStringA
GetTempPathW
GetEnvironmentVariableA
CreateProcessW
FileTimeToSystemTime
GetStartupInfoA
DuplicateHandle
VirtualFree
VirtualProtect
GetModuleHandleA

user32

SetPropA
GetSysColor
GetScrollPos
GetSysColorBrush
EnableWindow
DestroyMenu
IsRectEmpty
GetMenu
PeekMessageA
SetActiveWindow
GetSystemMetrics

msvcrt

log10
bsearch
_adjust_fdiv
wcstombs
exit
_acmdln
strncpy
__setusermatherr
vsprintf
_fullpath
setlocale
_except_handler3
memmove
_CIpow
_setjmp3
__p__commode
_initterm
_c_exit
__set_app_type
_XcptFilter
__p__fmode
_wtoi
__getmainargs

advapi32

RegEnumValueW
DeregisterEventSource
RegQueryInfoKeyW
SetSecurityDescriptorDacl
FreeSid
AddAccessAllowedAce
OpenSCManagerA
DeleteService

oleaut32

SafeArrayPtrOfIndex
SetErrorInfo
VariantCopyInd
SysAllocStringByteLen
SafeArrayGetUBound
VariantInit
SafeArrayGetElement
SafeArrayCreate

ole32

StringFromGUID2
CoTaskMemFree
OleDraw
CoCreateInstance
CreateILockBytesOnHGlobal
DoDragDrop
PropVariantClear
IIDFromString
IsEqualGUID

comctl32

ImageList_GetIcon
InitializeFlatSB
ImageList_DragShowNolock
InitCommonControls
DestroyPropertySheetPage
PropertySheetA
ImageList_SetImageCount
ImageList_Write
ImageList_GetIconSize

shell32

ShellExecuteA
ShellExecuteW
SHGetSettings
SHChangeNotify
DragQueryFileA
SHGetFolderPathA
ExtractIconExA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1d85d97a97a86e4d72568e041ae6a6c2

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

oleaut32

ole32

comctl32

shell32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 136KB - Virtual size: 136KB

.data Size: 6KB - Virtual size: 88KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 136KB - Virtual size: 136KB

.data
Size: 6KB - Virtual size: 88KB