9a1b1ee2d4f15c7d3d52730900264f4a

Sharing

Copy URL Twitter E-mail

General

Target

9a1b1ee2d4f15c7d3d52730900264f4a
Size

31KB
MD5

9a1b1ee2d4f15c7d3d52730900264f4a
SHA1

f8e7a6463cedbd17a004b5f72dd84a7d10893efe
SHA256

dc87e72e09dabf6638c88b749e940887ee7e541452878b95bb12e397eccb5711
SHA512

1fc6a7418248c14ac93d09c55e06f7cc044847d4ccaf7ccc2eba72565e9e91d882f3fc10c60458b07d84f0bbc868fcef38eafb066cd15554c97c74a32e2603af
SSDEEP

384:Bn24jjM4D9XX/oh1XXRq31faRhEa7FfIP6+eweBk0naqX/DapnqF1oLAVLCb0PlO:B24H5n/o7vfIP6Rwz0njInAxBkFeI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a1b1ee2d4f15c7d3d52730900264f4a

Files

9a1b1ee2d4f15c7d3d52730900264f4a
.exe windows:1 windows x86 arch:x86

c28cc567620ff78b44f73311595bfb56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolder
SHGetPathFromIDListA

kernel32

FormatMessageA
GetCommandLineA
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetTickCount
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalLock
CopyFileA
GlobalUnlock
CreateDirectoryA
RtlUnwind
RtlZeroMemory
SetCurrentDirectoryA
SetFilePointer
VirtualAlloc
VirtualFree
WinExec
_lcreat
_lopen
_lread
lstrcatA
lstrcmpiA
lstrcpyA
lstrlenA

user32

SetWindowTextA
GetWindowTextA
GetWindowRect
IsWindow
CheckDlgButton
IsDialogMessageA
BeginPaint
EndPaint
InvalidateRect
SetFocus
LoadCursorA
LoadIconA
RegisterClassA
MessageBoxA
SetCursor
GetMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
DrawTextA
GetWindowDC
ReleaseDC
FillRect
OffsetRect
SendMessageA
wsprintfA
PostMessageA
PostQuitMessage
GetSystemMetrics
CreateWindowExA
SetWindowPos
MoveWindow
DefWindowProcA

gdi32

BitBlt
GetStockObject
RealizePalette
SelectObject
SelectPalette
SetBkMode
CreateCompatibleBitmap
SetTextColor
CreateCompatibleDC
StretchBlt
TextOutA
CreatePalette
GetObjectA
CreateFontA
CreateSolidBrush
DeleteDC
DeleteObject

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

crtdll

_itoa
__GetMainArgs
exit
raise
signal
strchr

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 928B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 924B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adate
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c28cc567620ff78b44f73311595bfb56

Headers

File Characteristics

Imports

shell32

kernel32

user32

gdi32

advapi32

crtdll

Sections

.text Size: 9KB - Virtual size: 9KB

.bss Size: - Virtual size: 928B

.data Size: 3KB - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 924B - Virtual size: 924B

.adate Size: 13KB - Virtual size: 13KB

.text
Size: 9KB - Virtual size: 9KB

.bss
Size: - Virtual size: 928B

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 924B - Virtual size: 924B

.adate
Size: 13KB - Virtual size: 13KB