9a5c9536c7138cd546b69e82a6bc74ac

General

Target

9a5c9536c7138cd546b69e82a6bc74ac
Size

15KB
MD5

9a5c9536c7138cd546b69e82a6bc74ac
SHA1

971343fcc1b4fba4a7c091451dfbbb21e04bcee4
SHA256

b681f9e66aa40109a32dab812241555e9b1f17105775dfd8b7bc9f98a26a5f55
SHA512

1bb698269aede233e1fc155f109e27540251d45eaed4315280b234b41cbb9f2382860f71f0e41e06afd081f27a2ab567d690543e967a5b270bb6cb2a196485a0
SSDEEP

384:NUX0acd+9kA7BFTjvKXiy6guivnEQx1fogF4Fd2:uc4Dsiy6gnnEQxdF4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a5c9536c7138cd546b69e82a6bc74ac

Files

9a5c9536c7138cd546b69e82a6bc74ac
.dll windows:4 windows x86 arch:x86

3226e9b7684f94f0cd335f5d22bbc6b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
SetLastError
GetLastError
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
OpenMutexA
Sleep
SearchPathA
ReadProcessMemory
GlobalAddAtomA
GetTickCount
CreateProcessA
InitializeCriticalSection
GetComputerNameA
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineA
WriteProcessMemory
EnterCriticalSection
LeaveCriticalSection
CreateMutexA
WaitForSingleObject
GetFullPathNameA
WriteFile
MoveFileExA
GlobalFindAtomA
GetCurrentProcess
DeleteFileA
WinExec
ReleaseMutex
ExpandEnvironmentStringsA
CreateFileA
GetFileSize
ReadFile
LoadLibraryA
CloseHandle

user32

ReleaseDC
CallNextHookEx
UnhookWindowsHookEx
PostMessageA
SetWindowsHookExA
GetQueueStatus
GetDC

gdi32

GetPixel

advapi32

CryptCreateHash
CryptHashData
CryptImportKey
CryptVerifySignatureA
CryptDestroyKey
CryptDestroyHash
CryptReleaseContext
RegFlushKey
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
GetUserNameA
CryptAcquireContextA

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState

msvcrt

__CxxFrameHandler
_EH_prolog
_initterm
_adjust_fdiv
_strlwr
strcmp
tolower
memcpy
memset
time
sprintf
free
strstr
strcpy
malloc
strlen
strcat

Exports

Exports

Logon
_Logon@0
_goinit@0
_gostart@0
goinit
gostart

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3226e9b7684f94f0cd335f5d22bbc6b3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.reloc
Size: 1KB - Virtual size: 1KB