09aed888a1b9948445ca3381d2e28a73

Sharing

Copy URL

Twitter E-mail

General

Target

09aed888a1b9948445ca3381d2e28a73
Size

161KB
MD5

09aed888a1b9948445ca3381d2e28a73
SHA1

c9c9bd8d8c33808e3393545535cbffd51449de34
SHA256

27c547645d52ed1be6edc197eb8864ae440ade8644ea5e59b4044e350299906b
SHA512

6fd5ec073500a50e36eb2471aaf91da6f1a47dfcee15058341d69d42d2c2f6c1c5a4378cda3f3eadf37864e541c9c4cfcf05e6f571079e6450af289bf41d182a
SSDEEP

3072:z10NdDS0QFGliOZotj+L+agq/DzVtZK4Xza2SF/BA4G4z+m:6G0aKiCfn5/AeWPtb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09aed888a1b9948445ca3381d2e28a73

Files

09aed888a1b9948445ca3381d2e28a73
.exe windows:4 windows x86 arch:x86

5f1899de55f644f73220b089e99a20cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyA
RegEnumKeyA

shlwapi

SHQueryValueExA
SHQueryInfoKeyA
SHSetValueA
SHDeleteKeyA
PathIsDirectoryA

ole32

CoGetMalloc
OleCreateStaticFromData
OleRun
CoCreateInstanceEx
CoUnmarshalInterface
StgCreateDocfileOnILockBytes
CoUninitialize
CoCreateFreeThreadedMarshaler
CoRegisterClassObject

user32

GetDCEx
GetLastActivePopup
IsChild
IsDialogMessageA
EnableMenuItem
RegisterClassA
BeginPaint
GetSysColorBrush
SetTimer
DrawEdge
GetClassLongA
GetDesktopWindow
CharLowerA
DrawFrameControl
DefWindowProcA
GetKeyState
ClientToScreen
CallWindowProcA
DispatchMessageW
CharToOemA
DefFrameProcA
EnableWindow
DrawIcon
GetWindow
DispatchMessageA
DefMDIChildProcA
GetClipboardData
IsWindowVisible
CheckMenuItem
EndDeferWindowPos
CreateWindowExA
GetIconInfo
HideCaret
GetMenuItemID
GetDlgItem
EnumThreadWindows
GetMessagePos
EnumChildWindows
BeginDeferWindowPos
CharLowerBuffA
GetKeyNameTextA
DrawIconEx
SetWindowLongA
SetWindowPos
GetFocus
SystemParametersInfoA
GetScrollInfo
GetMenu
FillRect
GetDC
ShowScrollBar
EqualRect
DrawTextA
GetSysColor
GetCursor
GetScrollPos
CreatePopupMenu
EndPaint
EnableScrollBar
MessageBoxA
GetCapture
GetCursorPos
DeferWindowPos
GetMenuItemCount
GetClassInfoA
GetSubMenu
GetParent
CreateMenu

comctl32

ImageList_DragShowNolock

shell32

SHGetFolderPathA
SHGetDiskFreeSpaceA
SHGetSpecialFolderLocation
SHFileOperationA
SHGetFileInfoA

msvcrt

sqrt
srand
time
malloc
memmove
tolower
rand
memset
memcpy
swprintf

oleaut32

SysReAllocStringLen
SafeArrayPtrOfIndex

kernel32

HeapAlloc
ExitProcess
Sleep
HeapFree
GetUserDefaultLCID
SetLastError
WriteFile
EnterCriticalSection
HeapDestroy
MulDiv
CreateFileA
SetEndOfFile
GetFullPathNameA
GetStringTypeA
lstrlenA
InitializeCriticalSection
GetFileSize
GetVersionExA
CreateEventA
GetProcessHeap
ReadFile
LoadLibraryA
GetCurrentThreadId
GetOEMCP
GetModuleHandleA
MoveFileExA
GetModuleFileNameA
GetSystemDefaultLangID
GetACP
FindFirstFileA
lstrcmpiA
GetCurrentProcessId
FindResourceA
SetErrorMode
SetThreadLocale
SetHandleCount
GetEnvironmentStrings
lstrcmpA
ExitThread
LocalFree
CompareStringA
lstrcatA
GlobalDeleteAtom
GlobalFindAtomA
FormatMessageA
LoadLibraryExA
GetDateFormatA
GetVersion
SetEvent
GlobalAddAtomA
WideCharToMultiByte
VirtualAlloc
VirtualAllocEx

ntdll

_wcsnicmp

version

VerFindFileA
GetFileVersionInfoA
VerInstallFileA

gdi32

GetObjectA

comdlg32

GetFileTitleA

Sections

CODE
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 121KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f1899de55f644f73220b089e99a20cc

Headers

File Characteristics

Imports

advapi32

shlwapi

ole32

user32

comctl32

shell32

msvcrt

oleaut32

kernel32

ntdll

version

gdi32

comdlg32

Sections

CODE Size: 33KB - Virtual size: 32KB

.edata Size: 121KB - Virtual size: 180KB

.tls Size: 5KB - Virtual size: 4KB

.rdata Size: 1024B - Virtual size: 1008B

CODE
Size: 33KB - Virtual size: 32KB

.edata
Size: 121KB - Virtual size: 180KB

.tls
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1024B - Virtual size: 1008B