9802a121f06e53f9a27a31d6ad9b557a

Sharing

Copy URL Twitter E-mail

General

Target

9802a121f06e53f9a27a31d6ad9b557a
Size

223KB
MD5

9802a121f06e53f9a27a31d6ad9b557a
SHA1

2a57ae8803b274160354f0d722c01c8f20356ed8
SHA256

0173b02e2c53f676dfc4bd842d23795923b31f9b8860b49e278bd8da3926b1ea
SHA512

d348043c4c1b676990a6ee5a0a03f5b5f5723d005205a13036257e2fda92107c8ee174b1888a9a21763b59a9917b1f1d87d6adddf5451334189a9a0fd09350c6
SSDEEP

6144:NuyFQ9rrTofUnDmwrHdDe3BwzDLymPpsPpU+nWlTosS:NuyG9HMMfde6vL5psRmod

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9802a121f06e53f9a27a31d6ad9b557a

Files

9802a121f06e53f9a27a31d6ad9b557a
.exe windows:5 windows x86 arch:x86

cc6114b94759da047b60c39c6d525c49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectA
GetStockObject
DeleteObject
GetObjectA

ntdll

RtlEqualUnicodeString
NtQueryObject
NtSetSecurityObject
RtlInitAnsiString
RtlSetDaclSecurityDescriptor
RtlGetDaclSecurityDescriptor
RtlInitUnicodeString
RtlCreateSecurityDescriptor
NtQuerySecurityObject

kernel32

MultiByteToWideChar
SetUnhandledExceptionFilter
SetFileAttributesA
lstrcmpiA
CreateFileW
LoadResource
WriteFile
SetFilePointer
FindResourceW
FindFirstFileW
ReleaseSemaphore
GetStartupInfoA
VirtualUnlock
InterlockedIncrement
HeapAlloc
GetSystemTimeAsFileTime
GetFileSize
GetSystemDirectoryW
GetTempPathW
SizeofResource
GetSystemDefaultLangID
GetCurrentThreadId
GetUserDefaultLangID
GetPriorityClass
HeapFree
FindNextFileW
LocalFree
CloseHandle
VirtualQuery
InterlockedDecrement
SetFileAttributesA
CreateFileA
SetLastError
GetProcessHeap
QueryPerformanceCounter
GetLastError
GetVersion
RemoveDirectoryW
GetSystemTime
VirtualLock
GetCurrentProcess
GetCurrentProcessId
UnhandledExceptionFilter
VirtualAlloc
CreateSemaphoreA
GetPrivateProfileIntW
GetPrivateProfileStringW
FindClose
CreateMutexA
DeleteFileW
DeviceIoControl
IsBadReadPtr
CreateDirectoryW
ReadFile
VirtualFree
GetVersionExA
LockResource
GetTempFileNameW
GetTickCount
GetWindowsDirectoryA
lstrlenA
GetFileAttributesW
SetDllDirectoryA
ReleaseMutex
SetEndOfFile

ole32

OleInitialize
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoCreateInstance
CLSIDFromProgID

advapi32

RegQueryValueExA
CryptGetHashParam
CryptDestroyHash
CryptHashData
RegCloseKey
CryptCreateHash
CryptAcquireContextA
RegOpenKeyExA

user32

CharUpperA
DialogBoxIndirectParamA
MsgWaitForMultipleObjects
GetWindowLongA
wsprintfA
EndDialog
SetWindowTextA
MessageBeep
CallWindowProcA
LoadStringA
GetDesktopWindow
CharPrevA
SetForegroundWindow
ExitWindowsEx
GetDlgItemTextA
PeekMessageA
GetDlgItem
ReleaseDC
SendDlgItemMessageA
MessageBoxA
SetWindowLongA
SetWindowPos
SendMessageA
GetWindowRect
EnableWindow
GetDC
SetDlgItemTextA
CharNextA
DispatchMessageA
ShowWindow

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xesy
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 244KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc6114b94759da047b60c39c6d525c49

Headers

File Characteristics

Imports

gdi32

ntdll

kernel32

ole32

advapi32

user32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 7KB - Virtual size: 129KB

.xesy Size: 3KB - Virtual size: 3KB

.edata Size: 244KB - Virtual size: 379KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 129KB

.xesy
Size: 3KB - Virtual size: 3KB

.edata
Size: 244KB - Virtual size: 379KB