Static task
static1
Behavioral task
behavioral1
Sample
09f801b31b0d3ecbdf67113059f8a744.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
09f801b31b0d3ecbdf67113059f8a744.exe
Resource
win10v2004-20231215-en
General
Target
09f801b31b0d3ecbdf67113059f8a744
Size
864KB
MD5
09f801b31b0d3ecbdf67113059f8a744
SHA1
a2d48c626a148314ad5f41f71b7b3c3102525e31
SHA256
38dcae9d8e9155cbbafab1804b3daa48b7b381afb41e920a695ba922594dc459
SHA512
d1ef52af54d3f3451170a6dc9fd647369a804f0c25b8e37dfdffecd43b3e847087705cada3a8921e22b4061ffe16f24cfa918b6de68ffeee3485e249fd8ff3cc
SSDEEP
12288:T51+RkZ2TDVADK/nj+qmTIw65lX4JvJ+gTuCX2Cn7aZqoLl+nwvAU+egNaEP9:TqRkoB/nj+qmMwf/VX3GZqoLl+JJeNy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 09f801b31b0d3ecbdf67113059f8a744
Files
09f801b31b0d3ecbdf67113059f8a744.exe windows:4 windows x86 arch:x86
13bb731b294b03746302f21951f7c52b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
LookupIconIdFromDirectory
MapVirtualKeyExA
SendIMEMessageExA
SendMessageTimeoutA
CreateDialogParamA
DdeUnaccessData
GetMessagePos
DdeClientTransaction
SetCaretBlinkTime
ShowWindowAsync
DefMDIChildProcA
MonitorFromPoint
DrawFrame
DdeEnableCallback
MessageBoxA
IsWindowUnicode
CreateIconIndirect
UnhookWinEvent
CheckMenuItem
AlignRects
LoadAcceleratorsA
SetWindowContextHelpId
SetDoubleClickTime
ToUnicodeEx
GetMenuState
GetDoubleClickTime
GetWindowRect
UpdateWindow
CopyIcon
GetComboBoxInfo
SetScrollInfo
IsDialogMessage
DestroyMenu
CharToOemBuffA
DdeNameService
IMPGetIMEA
GetShellWindow
DrawCaption
FindWindowExA
FreeDDElParam
GetMenuCheckMarkDimensions
GetDC
VkKeyScanA
ShowCursor
DrawTextExA
ScrollDC
SwitchToThisWindow
SetClipboardData
WinHelpA
GetAsyncKeyState
GetKeyboardLayoutList
RegisterWindowMessageA
GetUserObjectSecurity
advapi32
ChangeServiceConfigA
AllocateAndInitializeSid
CryptSignHashA
InitializeAcl
GetMultipleTrusteeA
GetNumberOfEventLogRecords
CryptGenKey
QueryServiceObjectSecurity
CryptSetKeyParam
RegFlushKey
GetSidSubAuthority
PrivilegeCheck
CryptDestroyHash
FindFirstFreeAce
RegUnLoadKeyA
IsTextUnicode
GetAclInformation
BuildSecurityDescriptorA
RegOpenKeyA
SetEntriesInAuditListA
SetServiceStatus
GetSecurityDescriptorOwner
RegQueryValueA
RegDeleteValueA
RegConnectRegistryA
EnumDependentServicesA
CryptEncrypt
ObjectDeleteAuditAlarmA
RevertToSelf
BackupEventLogA
DeregisterEventSource
AddAce
GetTrusteeTypeA
ControlService
GetSecurityDescriptorControl
AccessCheck
OpenEventLogA
kernel32
lstrcmpi
Sections
.zmrc Size: 638KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.wvkr Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.evi Size: 19KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.zgre Size: 512B - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vwlw Size: 6KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.buba Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pwrad Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vszy Size: 49KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.wlgfy Size: 125KB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ