11e9ca968b8ade87843674bce60130f5

Sharing

Copy URL Twitter E-mail

General

Target

11e9ca968b8ade87843674bce60130f5
Size

285KB
MD5

11e9ca968b8ade87843674bce60130f5
SHA1

e8adef33c66eea93abaa90c60ea24bef0aa6cf50
SHA256

39e66a9a04bd2925b6fa1f6ea52600497296a0727d1cb8500275544124b4946e
SHA512

d0b0fae4b1d088061e4e01edcf95b532e003e56ce6b5438118e4548c0539a570d9a24948c21bd08d6eac96a8ae23ddf4c260bd50a684c353b00b0e958648a94a
SSDEEP

6144:dp8WTnJXHjpsBZQ5QkGc1nACyun8pms9x9E786bkXd6Xq:deWTnRHjpKZ8P1ACyunSms1BxXd6Xq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11e9ca968b8ade87843674bce60130f5

Files

11e9ca968b8ade87843674bce60130f5
.exe windows:4 windows x86 arch:x86

6ced826f1014dd3ea7fdeaa7909d2933

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetCurrentThread
GetSystemTime
InterlockedDecrement
LoadLibraryW
GetTickCount
GetLocalTime
GetDriveTypeW
TerminateThread
CloseHandle
FindNextChangeNotification
GetUserDefaultLangID
CreateEventW
FileTimeToSystemTime
GetVersion
ResumeThread
MoveFileW
GlobalUnlock
GetProcAddress
lstrcpyW
lstrlenW
FindClose
GetFileSize
CreateThread
WriteFile
FindResourceW
GetModuleFileNameW
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
LoadResource
SetEndOfFile
GetCurrentProcessId
InterlockedIncrement
WritePrivateProfileStringW
FindFirstChangeNotificationW
CancelWaitableTimer
GlobalLock
SizeofResource
QueryDosDeviceW
FindResourceExW
GlobalAddAtomW
GetCurrentThreadId
CreateFileW
LockResource
WaitForSingleObject
ResetEvent
GetFileAttributesW
VirtualAlloc
GetPrivateProfileStringW
GetFileAttributesExW
FreeLibrary
MulDiv

user32

GetWindowDC
GetClassNameW
SetWindowPos
DestroyIcon
DestroyMenu
PostThreadMessageW
CreateWindowExW
InvalidateRect
LoadBitmapW
MessageBoxW
GetDlgItem
TrackPopupMenu
DispatchMessageW
ReleaseDC
RegisterClassExW
SetForegroundWindow
GetWindowThreadProcessId
SendMessageW
GetSystemMetrics
AppendMenuW
GetSysColor
RegisterWindowMessageW
GetCursorPos
FillRect
wsprintfW
SendDlgItemMessageW
EnableWindow
SetCapture
LoadIconW
OffsetRect
DialogBoxParamW
SetWindowTextW
IsDlgButtonChecked
SetCursorPos
ReleaseCapture
GetWindowRect
CreatePopupMenu
LoadStringW
UpdateWindow
RedrawWindow
DefWindowProcW
DrawTextW
LoadCursorW
IsWindow
RegisterHotKey

gdi32

SelectObject
SetBkColor
LineTo
BitBlt
CreatePen
DeleteObject
GetClipBox
SetMapMode
GetStockObject
StretchBlt
SetTextColor
SetBkMode
GetObjectW
CreateCompatibleBitmap
CreateDCW
DPtoLP
CreateBitmap

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

Shell_NotifyIconW

ole32

CoInitialize
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal

Sections

.text
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ced826f1014dd3ea7fdeaa7909d2933

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 248KB - Virtual size: 246KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 28KB - Virtual size: 27KB

.text
Size: 248KB - Virtual size: 246KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 28KB - Virtual size: 27KB