8b9f6552924f74733e6293da04c811d0

General

Target

8b9f6552924f74733e6293da04c811d0
Size

161KB
MD5

8b9f6552924f74733e6293da04c811d0
SHA1

4789231c08f7aee0e10bf904f6fa321c157a78c8
SHA256

d3a21b0c05f939ebb87dfce5ed7a9aa8b5b6c349d4267a5938d188cd9f8b4ffd
SHA512

024bc5c75a993a33bd437859a78795e6a2b6442384649fb42b8504a3df1c79a92fb5ae8ba4ba68e524b1ef1a24440491623a14afa571ebfb6561cf0f09b5b694
SSDEEP

3072:ZcjWBsuoi8n8hCSDucJTR8pil86MAcD8RgIPyS:mj1uhRgMucYpiBc8aIqS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b9f6552924f74733e6293da04c811d0

Files

8b9f6552924f74733e6293da04c811d0
.exe windows:4 windows x86 arch:x86

d4b4ca35df107da9403b2b6830550003

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegSetValueW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyW
RegDeleteKeyW
RegEnumKeyExW

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipDisposeImage

ole32

StringFromGUID2
CoInitialize
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance

gdi32

BitBlt
CreatePen
DeleteDC
GetObjectType
LineTo
CreateCompatibleDC
SetStretchBltMode
SelectObject
StretchBlt
CreateDIBSection
CreateDCW
CreateBitmap

user32

CreatePopupMenu
RedrawWindow
FindWindowA
ClipCursor
DestroyMenu
TrackPopupMenuEx
GetDesktopWindow

kernel32

GetEnvironmentStringsW
GetVersionExA
TransmitCommChar
ExitProcess
EnumResourceNamesW
ExitProcess
LocalFree
LocalAlloc
LoadLibraryW
GetModuleFileNameA

msimg32

AlphaBlend
TransparentBlt

winmm

timeGetTime

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4b4ca35df107da9403b2b6830550003

Headers

File Characteristics

Imports

advapi32

gdiplus

ole32

gdi32

user32

kernel32

msimg32

winmm

comctl32

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 40KB - Virtual size: 39KB

.rsr Size: 512B - Virtual size: 64KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 40KB - Virtual size: 39KB

.rsr
Size: 512B - Virtual size: 64KB