9901738a885474e51f0943fba7bb3e00

Sharing

Copy URL Twitter E-mail

General

Target

9901738a885474e51f0943fba7bb3e00
Size

232KB
MD5

9901738a885474e51f0943fba7bb3e00
SHA1

4a30a165b733bee3f1d7cd8832817d1e07439c57
SHA256

56d2074f3adbf7734f521457e828483682812e18031204a2f4cdd9de5d5a964d
SHA512

f6a67d6c38450bed3f1c1b58248a8f3ee54aa99aa377fc50736fc0ab06dc113d54f4c322e1b236b8109430974e67d8120d1fe5edc0be4379a772f98aad28f402
SSDEEP

6144:TDfrALhMRBrMk8t9SUD8TU2gKmy3nSWYa6tXV:XKMjrlXU4hb3nSWh65V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9901738a885474e51f0943fba7bb3e00

Files

9901738a885474e51f0943fba7bb3e00
.exe windows:4 windows x86 arch:x86

2da3930f67256d8df8da9084ed39bebb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
EnterCriticalSection
LocalAlloc
SizeofResource
WaitForSingleObject
LockResource
FreeLibrary
WaitForMultipleObjects
IsDebuggerPresent
GetCurrentThreadId
GetGeoInfoW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
SystemTimeToTzSpecificLocalTime
DisableThreadLibraryCalls
LocalFree
OpenProcess
CreateFileW
lstrlenW
UnhandledExceptionFilter
SystemTimeToFileTime
GetUserDefaultUILanguage
TzSpecificLocalTimeToSystemTime
LoadLibraryExW
GetSystemTime
FindResourceW
FindResourceExW
LeaveCriticalSection
WideCharToMultiByte
GetLocalTime
CompareFileTime
HeapDestroy
HeapSize
GetUserGeoID
GetNumberFormatW
CreateProcessW
DeleteCriticalSection
HeapReAlloc
ProcessIdToSessionId
LoadResource
GetQueuedCompletionStatus
SetUnhandledExceptionFilter
FileTimeToSystemTime
GetProcessHeap
GlobalFree
RaiseException
CloseHandle
GetFileAttributesExW
PostQueuedCompletionStatus
CreateIoCompletionPort
GetStartupInfoA
VirtualAllocEx

ole32

StringFromCLSID
CoTaskMemFree
CoCreateInstance
IIDFromString

oleaut32

VariantInit
VariantCopyInd
VariantClear
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi

psapi

GetModuleBaseNameW

user32

PostMessageW
GetSystemMetrics
EnumWindows
GetActiveWindow
DestroyIcon
GetWindowThreadProcessId
LoadIconW
GetDesktopWindow
AllowSetForegroundWindow

crypt32

CryptProtectData
CryptUnprotectData
CertFreeCertificateContext
CertNameToStrW

rpcrt4

UuidFromStringW

mscms

CreateColorTransformA
IsColorProfileTagPresent
InternalGetPS2ColorRenderingDictionary
CheckColors
GetPS2ColorRenderingIntent
InternalGetPS2CSAFromLCS
SetColorProfileElementSize
ConvertColorNameToIndex

sti

DllCanUnloadNow
DllUnregisterServer
StiCreateInstance
DllGetClassObject
GetProxyDllInfo
StiCreateInstanceW
DllRegisterServer

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MZwuwI
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KcPaf
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Pn
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 213KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2da3930f67256d8df8da9084ed39bebb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

psapi

user32

crypt32

rpcrt4

mscms

sti

Sections

.text Size: 18KB - Virtual size: 17KB

.MZwuwI Size: 1KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.KcPaf Size: 1KB - Virtual size: 6KB

.Pn Size: 2KB - Virtual size: 4KB

.data Size: 213KB - Virtual size: 285KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 17KB

.MZwuwI
Size: 1KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.KcPaf
Size: 1KB - Virtual size: 6KB

.Pn
Size: 2KB - Virtual size: 4KB

.data
Size: 213KB - Virtual size: 285KB

.rsrc
Size: 4KB - Virtual size: 4KB