11a9080343928b457902e8b86a1bc361

Sharing

Copy URL Twitter E-mail

General

Target

11a9080343928b457902e8b86a1bc361
Size

53KB
MD5

11a9080343928b457902e8b86a1bc361
SHA1

1d2793eccbfd80105c1144d6acd51c40e68c5d27
SHA256

3da02ed5d8d02c846220cb56213dd99cfd57dcdf571a1aa1384dda931a64ba32
SHA512

560f21890f8ae6c89e6e4caa0b893044afd36025c201f174d0171ffb114d68954ffe9a0d2342e928f64e5ec86ba21cbc4e7d1870a8dd9409aaea208658a7060d
SSDEEP

1536:4IU/KaafKxIKQx8OpN3XDiKxefyJppz8h:4g7fAIaOp5LxeOpp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11a9080343928b457902e8b86a1bc361

Files

11a9080343928b457902e8b86a1bc361
.exe windows:5 windows x86 arch:x86

3de1997522f4bfc67b45a97d798d80f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetProcessWindowStation
MsgWaitForMultipleObjects
PeekMessageA
LoadCursorW
EndDialog
GetDlgItemTextW
SetThreadDesktop
GetCursorPos
GetMessageA
GetKeyState
CloseDesktop
DrawIcon
GetIconInfo
GetMessageW
GetDlgItem
SendMessageW
OpenWindowStationA
DispatchMessageW
FindWindowExW
GetWindowThreadProcessId
GetDlgItemTextA
GetClipboardData
GetWindowLongW
CloseWindowStation
CharLowerBuffA
GetWindowTextW
OpenDesktopA
GetClassNameW
PeekMessageW
GetKeyboardState
ExitWindowsEx
GetForegroundWindow
ToUnicode

kernel32

CreateMutexW
HeapFree
GetLocalTime
InitializeCriticalSection
CloseHandle
CopyFileW
MapViewOfFile
SystemTimeToFileTime
SetLastError
GlobalLock
IsBadReadPtr
GetTempPathW
DisconnectNamedPipe
GetSystemTimeAsFileTime
FindFirstFileW
MultiByteToWideChar
WriteProcessMemory
lstrcpyA
GetTimeZoneInformation
GetModuleFileNameW
SetEndOfFile
GetFileTime
GetExitCodeProcess
GetTickCount
GetProcessHeap
EnterCriticalSection
lstrcmpiA
MoveFileExW
GetUserDefaultUILanguage
HeapReAlloc
WideCharToMultiByte
SetFileAttributesW
GetProcessTimes
UnmapViewOfFile
GetVersionExW
GetCurrentThreadId
GetDriveTypeW
OpenProcess
GetLogicalDrives
SetEvent
GetModuleHandleA
Sleep
ExpandEnvironmentStringsW
FlushFileBuffers
GlobalUnlock
lstrlenW
GetSystemTime
GetModuleFileNameA
CreateThread
GetCommandLineA
ReleaseMutex
DeleteFileW
CreateFileMappingW
LeaveCriticalSection
HeapAlloc
GetFileSizeEx
OpenMutexW
GetComputerNameW

Sections

.ref
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qfepcd
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bkx
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.slehan
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3de1997522f4bfc67b45a97d798d80f3

Headers

File Characteristics

Imports

user32

kernel32

Sections

.ref Size: 18KB - Virtual size: 39KB

.qfepcd Size: 5KB - Virtual size: 10KB

.bkx Size: 1024B - Virtual size: 1KB

.slehan Size: 26KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.ref
Size: 18KB - Virtual size: 39KB

.qfepcd
Size: 5KB - Virtual size: 10KB

.bkx
Size: 1024B - Virtual size: 1KB

.slehan
Size: 26KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB