9a750c39fa6f316ea03d65c6b167d7ee

Sharing

Copy URL

Twitter E-mail

General

Target

9a750c39fa6f316ea03d65c6b167d7ee
Size

68KB
MD5

9a750c39fa6f316ea03d65c6b167d7ee
SHA1

1b8deb97cc5f5a9c0ba5c6221cef58a2d24f8ba0
SHA256

eec293400766dd96fbe5f1a49d2c63a60130007ccf11b16d04a52d1e0ae640de
SHA512

9d4bf13cd4127d7a66eeaa7caf383f8fc1fbdb8efb7570d5fa84cfd7efa544d9b76a2696d9b0f1d04978bc87db5513576b1c921a6b76c5295c3dcc6db35970c1
SSDEEP

1536:/ShpqTA8m7Ol0ozfFGJ6z0joEw8f5VqhOEF0l0ux:yMzfFGkz0joE/ChOcC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a750c39fa6f316ea03d65c6b167d7ee

Files

9a750c39fa6f316ea03d65c6b167d7ee
.exe windows:4 windows

8930b375bc23e4b589c95deb9eade8c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteEnhMetaFile
CombineRgn
CreateDCW
GdiSetBatchLimit
GdiFlush
CreateSolidBrush
GdiComment
GetAspectRatioFilterEx
ExtEscape
EndDoc
CreateFontW
EndPage
ChoosePixelFormat

kernel32

HeapAlloc
GetNumberFormatA
HeapCreate
GetUserDefaultLangID
OpenSemaphoreA
ResetEvent
GetModuleHandleA
GetProcAddress
VirtualAlloc
Sleep
GetSystemDefaultLCID
WaitForSingleObject
GetOEMCP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
GetLastError
GetFullPathNameA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
EnterCriticalSection
LeaveCriticalSection
ReadFile
WriteFile
InitializeCriticalSection
GetCurrentDirectoryA
GetDriveTypeA
HeapFree
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
SetFilePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
VirtualFree
RtlUnwind
SetStdHandle
FlushFileBuffers
CloseHandle
CreateFileA
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
LoadLibraryA

aclui

ord1
ord2

comdlg32

ReplaceTextA
PageSetupDlgW
ChooseFontW
ChooseFontA
CommDlgExtendedError
FindTextA
ReplaceTextW
PageSetupDlgA
GetSaveFileNameA
GetFileTitleW
FindTextW
GetOpenFileNameA
PrintDlgA
ChooseColorW
PrintDlgW

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8930b375bc23e4b589c95deb9eade8c6

Headers

File Characteristics

Imports

gdi32

kernel32

aclui

comdlg32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 48KB

.tls Size: 4KB - Virtual size: 24B

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 48KB

.tls
Size: 4KB - Virtual size: 24B

.rsrc
Size: 20KB - Virtual size: 17KB