09fd74e0b064af43697011dc352b6f29

Sharing

Copy URL Twitter E-mail

General

Target

09fd74e0b064af43697011dc352b6f29
Size

328KB
MD5

09fd74e0b064af43697011dc352b6f29
SHA1

85361b978796e55c0f27917d84fdd69f3e99585f
SHA256

ddd437d1a3c9ba8402350358218d74d210c1cce025330705718a2a267ca35ec7
SHA512

55928f3a94b8080730df49ecfc445987858016baa26bb41276fb94145f89da844ecdc7c8c599a30dd5cd4662b451b277e2e6b29161baf0c3516170e9354b5b50
SSDEEP

6144:oB7plahw+GHtJreI1gcvFloF0fBGcnWXIqOmjoeX6grAu1vR5Vi09UKnRg:o1pkhwTJreI1gcvFrKIqdkeX6grAu1pS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09fd74e0b064af43697011dc352b6f29

Files

09fd74e0b064af43697011dc352b6f29
.exe windows:4 windows x86 arch:x86

8fa4d28171c6f1f6fcbb61b296daec49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

frespor

_RESPOR_LERESFORC@12
_RESPOR_LERABRIR@32
_RESPOR_CASOATUAL@4
_RESPOR_FECHAR@0

fcritpor

_CARRPORLERCASO@76
_CARRPORNCASOS@4
_CARRPORLER@12

customdl

_VERFCBLHLIST@4
_VERFCBNTNT@0
_VERFCBPRG@12
_VERFCBCD@8
_VERFCBLPRIST@4
_VERFCBDLXY@20

jmsgdll

_writej@4
_writejpidx@8

user32

GetCursorPos

ole32

CoUninitialize
CoCreateGuid
CoInitialize

advapi32

RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

kernel32

CompareStringA
CompareStringW
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
SetUnhandledExceptionFilter
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
CreateFileA
ReadFile
SetFilePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
QueryPerformanceCounter
GetDiskFreeSpaceExA
GetCurrentThreadId
GetCurrentProcessId
GlobalMemoryStatus
GetTempPathA
GetFullPathNameA
QueryDosDeviceA
GetEnvironmentVariableA
SetErrorMode
Sleep
Beep
GetLocalTime
SetLocalTime
GetCurrentProcess
SetFileAttributesA
GetACP
GetVersion
SetHandleCount
GetFileInformationByHandle
RtlUnwind
GetStartupInfoA
TerminateProcess
HeapAlloc
HeapReAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetSystemTimeAsFileTime
GetLastError
SetConsoleCtrlHandler
GetCurrentDirectoryA
SetCurrentDirectoryA
SetEnvironmentVariableA
CreateDirectoryA
GetDriveTypeA
MoveFileA
DeleteFileA
WriteFile
GetFileType
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
PeekNamedPipe
MultiByteToWideChar
FindFirstFileA
FindNextFileA
FindClose
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetStdHandle
SetStdHandle
SetEndOfFile
GetProcAddress
HeapSize
RaiseException
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
LoadLibraryA
VirtualAlloc
IsBadWritePtr
FlushFileBuffers
SetEnvironmentVariableW
GetCPInfo
GetOEMCP
GetStringTypeA

Sections

.text
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8fa4d28171c6f1f6fcbb61b296daec49

Headers

File Characteristics

Imports

frespor

fcritpor

customdl

jmsgdll

user32

ole32

advapi32

kernel32

Sections

.text Size: 284KB - Virtual size: 281KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 32KB - Virtual size: 90KB

.text
Size: 284KB - Virtual size: 281KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 32KB - Virtual size: 90KB