9792b5a2b96813198d321ca78e23cab0

Sharing

Copy URL Twitter E-mail

General

Target

9792b5a2b96813198d321ca78e23cab0
Size

22KB
MD5

9792b5a2b96813198d321ca78e23cab0
SHA1

87e1d79cb5d2d81434cda5860df37df223602ef3
SHA256

4c70f454f12723ad3b266bb80dbe00fea79bdaad1f7ed8ab07e62466703f76a9
SHA512

549301316c197f36676ab50b5e05366add5312298eb556aff5071fc0aa1b9c66bb9c9784bd5d6bfd151529a47077976ae3cd5864e3612179064f6b0564608d95
SSDEEP

384:i6MvB2SWIHVS26Ej3N9fZVeFpRviL3TCayosVFjK2eFHWeaWlxWZ:mJ2eHv3pVkU3WaqF+XFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9792b5a2b96813198d321ca78e23cab0

Files

9792b5a2b96813198d321ca78e23cab0
.exe windows:4 windows x86 arch:x86

b014dc7c9e6fa9693f80f6eecbcbd1a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

ntdll

RtlUnwind

samlib

SamRemoveMultipleMembersFromAlias

kernel32

GetCurrentProcess
InterlockedCompareExchange
lstrlenW
GetCommandLineA
GetProcAddress
CompareFileTime
Sleep
GetCurrentThreadId
DeleteCriticalSection
EnterCriticalSection
TerminateProcess
FileTimeToSystemTime
HeapReAlloc
VirtualAlloc
UnhandledExceptionFilter
HeapAlloc
QueryPerformanceCounter
LeaveCriticalSection
GetCurrentProcessId
HeapFree
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTickCount
WinExec
GetDateFormatA
InitializeCriticalSection
SetProcessWorkingSetSize
lstrcmpiA

crypt32

CryptEnumOIDInfo

wintrust

WintrustAddActionID
WTHelperCertIsSelfSigned
WTHelperGetProvSignerFromChain
WinVerifyTrust
WintrustRemoveActionID
WTHelperGetProvCertFromChain

gdi32

GetTextExtentPointA
GetTextMetricsW
GetTextExtentPointW
DeleteObject
GetTextMetricsA
SelectObject

user32

ShowWindow
SetDlgItemTextA
SendMessageW
SetWindowLongA
ReleaseDC
SetCursor
DialogBoxIndirectParamW
GetSysColor
LoadCursorA
SetFocus
CreateWindowExW
GetDC
SendDlgItemMessageA
CallMsgFilterA
GetWindowLongA
LoadImageA
WinHelpA
MessageBeep
EndDialog
GetDlgItemTextA
LoadStringA
GetParent
EnableWindow
GetWindowRect
DialogBoxIndirectParamA
LoadBitmapA
DialogBoxParamW
DialogBoxParamA
SendMessageA

shlwapi

StrCatBuffA
wnsprintfA
StrCatBuffW
StrCpyNW

Sections

.text
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b014dc7c9e6fa9693f80f6eecbcbd1a0

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ntdll

samlib

kernel32

crypt32

wintrust

gdi32

user32

shlwapi

Sections

.text Size: 1024B - Virtual size: 964B

.data Size: 15KB - Virtual size: 40KB

.idata Size: 2KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 212B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 1024B - Virtual size: 964B

.data
Size: 15KB - Virtual size: 40KB

.idata
Size: 2KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 212B

.rsrc
Size: 1KB - Virtual size: 1KB