09bd31e41f61109a913c8709bdc3309e

Sharing

Copy URL Twitter E-mail

General

Target

09bd31e41f61109a913c8709bdc3309e
Size

53KB
MD5

09bd31e41f61109a913c8709bdc3309e
SHA1

95694d3ce9c87aab1c45182f3dd63b96a2f00ab8
SHA256

eb11355494e55bb8db4bddae751a6dcf54c96e0ed415b2943f33f5d9a4a13d99
SHA512

c051770f4c010e2da2ff2f0dc3f8af7333ae4e074f4da364a6d9e606f190ca0dcb37b4b79df0a5691a6d2ce62f6a71ac77f1bf996e7f5a61b1d6a53262798078
SSDEEP

1536:Sc9qXVQSN1XImJmk+daofIGoJ5ltlDYpfaXo6:DkT1YmJmk+Iowh5ltlDYpf8o6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09bd31e41f61109a913c8709bdc3309e

Files

09bd31e41f61109a913c8709bdc3309e
.exe windows:1 windows x86 arch:x86

dc0134699a1f189421da6a4217ae02e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostMessageA
GetClientRect
IsIconic
LoadIconA
SetFocus
TranslateMessage
GetWindowRect
SetWindowPos
GetDlgItem
SendMessageA
EndDialog
UnhookWindowsHookEx
DispatchMessageA
GetMessageA
LoadStringA
wsprintfA
GetFocus
IsChild
CallNextHookEx
LoadCursorA
SetCursor
LoadMenuA
SetMenuItemInfoA
GetSubMenu
TrackPopupMenu
GetMessagePos
SetWindowTextA
EnableWindow
MoveWindow
GetSystemMetrics
GetDC
ReleaseDC
CreateWindowExA
SetWindowsHookExA
DialogBoxParamA
GetWindowLongA
GetDlgCtrlID
SetWindowLongA
BeginPaint
DrawEdge
EndPaint
CheckMenuItem
EnableMenuItem
ShowWindow
WinHelpA
PostThreadMessageA
DestroyWindow

gdi32

GetDeviceCaps

kernel32

GetCurrentThreadId
GetLastError
GetStartupInfoA
GetModuleHandleA
_llseek
_lwrite
_lclose
lstrcmpiA
CompareFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
lstrcatA
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetUserDefaultLCID
CreateThread
SetThreadPriority
ResumeThread
CloseHandle
lstrlenA
lstrcpynA
lstrcpyA
OpenFile
_lread

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDList

ole32

CoCreateInstance
CoTaskMemFree
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoGetMalloc

comctl32

ord17
ord6

treenvcl

??0CTreeNavClient@@QAE@PADKGPAVCMosEvents@@00K0HH@Z
?CloseHDyn@CTreeNavClient@@SAXPAX@Z
??1CTreeNavClient@@QAE@XZ
?GetParents@CTreeNavClient@@QAEKT_LARGE_INTEGER@@HPAPADPAU_LOCALES@@PAKPAPAX@Z
??2CTreeNavClient@@SAPAXI@Z
??3CTreeNavClient@@SAXPAX@Z
?GetNthNode@CTreeNavClient@@QAEKPAXKPAVCServiceProperties@@@Z
?IsValid@CTreeNavClient@@QAEKXZ

ccapi

HrSaveCallingCard
MOSX_HrExecPidl
MOSX_HrAddToFavoritePlaces

svcprop

??0CServiceProperties@@QAE@XZ
?FGet@CServiceProperties@@QAEHPADPAEPAPAXPAK@Z
??1CServiceProperties@@QAE@XZ

mcm

MosCommonError
MosError
GetMosGlobalSetting
MosAboutEx

moscudll

?HrSzForByteCount@@YAJKPADK@Z

msvcrt20

memset
strchr
sprintf
memcpy
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
memcmp
strlen
_chsize
_filelength
_exit
_XcptFilter
exit
__p__acmdln
_initterm
__getmainargs
__p__commode
__p__fmode
_except_handler3
_controlfp

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 94KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dc0134699a1f189421da6a4217ae02e6

Headers

File Characteristics

Imports

user32

gdi32

kernel32

advapi32

shell32

ole32

comctl32

treenvcl

ccapi

svcprop

mcm

moscudll

msvcrt20

Sections

.text Size: 14KB - Virtual size: 13KB

.bss Size: - Virtual size: 94KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 836B

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 26KB - Virtual size: 28KB

.reloc Size: 3KB - Virtual size: 5KB

.text
Size: 14KB - Virtual size: 13KB

.bss
Size: - Virtual size: 94KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 836B

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 26KB - Virtual size: 28KB

.reloc
Size: 3KB - Virtual size: 5KB