9789a2dabb1cc5d99c9502e0e39d9406

Sharing

Copy URL Twitter E-mail

General

Target

9789a2dabb1cc5d99c9502e0e39d9406
Size

539KB
MD5

9789a2dabb1cc5d99c9502e0e39d9406
SHA1

5d1787a4b319adbe7fed07ea80ed11994a4cab79
SHA256

d7913cf61ac7c1df9da2f28c687d1250d719b95e250bdd27e0d5fde33e74a754
SHA512

bc1f13f5fcd66293229cabc0c01ce355024c026cc3d8f64d577bae971ea0d7069d4ebc2af9aa4accd6161d2aa711632c6ba5f21f6a26f3b058350fc3f1568477
SSDEEP

12288:/FOyJzuEd2DJX+SflHeu6RQ4Yag28Fva//7:/FAEdOkSNHiSa+FvY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9789a2dabb1cc5d99c9502e0e39d9406

Files

9789a2dabb1cc5d99c9502e0e39d9406
.exe windows:4 windows x86 arch:x86

3a8d2174c1daf31a4d4fdee8c3a1a718

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharAlphaNumericA
RegisterClassExA
SystemParametersInfoW
InvalidateRect
EnableMenuItem
GetMenuStringW
SetWindowTextA
GetMenuInfo
GetPropA
DestroyWindow
DialogBoxIndirectParamW
CloseWindow
TabbedTextOutW
RegisterClassA
LookupIconIdFromDirectoryEx
GetDoubleClickTime
FlashWindowEx

advapi32

RegDeleteValueA
RegReplaceKeyA
InitializeSecurityDescriptor
LogonUserA
RegOpenKeyExW
RegDeleteKeyW
RegLoadKeyW
RegCreateKeyExA
RegConnectRegistryW
RegDeleteKeyA

comctl32

InitCommonControlsEx

comdlg32

ChooseColorW
PrintDlgA
FindTextA
ReplaceTextA

kernel32

LocalHandle
LockFileEx
GetACP
GetProcessHeap
GetCommandLineW
SetHandleCount
GetTimeFormatW
IsValidCodePage
GetLocaleInfoA
SetEnvironmentVariableA
GetStdHandle
GetSystemDefaultLangID
GetCommandLineA
TlsFree
WriteFile
GetCurrentThreadId
lstrcat
InitializeCriticalSection
CreateDirectoryExW
CreateFileA
GetTimeFormatA
GetOEMCP
LeaveCriticalSection
GetEnvironmentStrings
HeapDestroy
LoadLibraryA
HeapAlloc
CreateWaitableTimerW
OpenMutexA
GetProcAddress
GetLocaleInfoW
GetConsoleOutputCP
HeapCreate
FreeEnvironmentStringsA
lstrcmp
LCMapStringW
GetStartupInfoW
GetCurrentThread
FreeLibrary
FreeEnvironmentStringsW
FlushFileBuffers
lstrcatW
InterlockedIncrement
GetCurrentProcessId
GetStartupInfoA
LCMapStringA
GetConsoleMode
GlobalGetAtomNameA
GetModuleHandleA
HeapReAlloc
GetTimeZoneInformation
ExitProcess
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
GetComputerNameA
IsDebuggerPresent
GetEnvironmentStringsW
SetConsoleCursorPosition
IsValidLocale
WriteConsoleW
SetLastError
HeapFree
EnumSystemLocalesA
GetDateFormatA
DeleteCriticalSection
GetUserDefaultLCID
Sleep
VirtualFree
WriteConsoleA
GetCurrentProcess
GetFileType
CompareStringA
CompareStringW
RtlUnwind
TlsAlloc
GetStringTypeW
SetConsoleCtrlHandler
TryEnterCriticalSection
GetCPInfo
GetModuleFileNameA
GetLastError
GetPrivateProfileIntA
CreateMutexA
GetWindowsDirectoryW
TerminateProcess
WideCharToMultiByte
SetStdHandle
ReadFile
InterlockedDecrement
GetModuleFileNameW
GetConsoleCP
InterlockedExchange
CloseHandle
QueryPerformanceCounter
SetFilePointer
MultiByteToWideChar
GetTickCount
GetStringTypeA
VirtualQuery
GetVersionExA
EnterCriticalSection
VirtualAlloc
ExitThread
GetSystemTimeAsFileTime
HeapSize
SetUnhandledExceptionFilter

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a8d2174c1daf31a4d4fdee8c3a1a718

Headers

File Characteristics

Imports

user32

advapi32

comctl32

comdlg32

kernel32

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 10KB - Virtual size: 22KB

.data Size: 359KB - Virtual size: 359KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 10KB - Virtual size: 22KB

.data
Size: 359KB - Virtual size: 359KB

.rsrc
Size: 7KB - Virtual size: 6KB