9a7551ae2c7edd18697ee382633767e9

General

Target

9a7551ae2c7edd18697ee382633767e9
Size

44KB
MD5

9a7551ae2c7edd18697ee382633767e9
SHA1

4ae60ec6c7bbf066128be62b70d52264e6fcb593
SHA256

4cc716bb6a639cdecfae4bc9ff02a429d09a9abd72fdfd70cc9849925b04d1ca
SHA512

7c2b2fdfcd35db0188d364c33497748612f803147d483888eb34ab3442671881d45486781013b6b2f0779b8baf43e2e0e04d01120fbd6a8deca6b2e8759e7692
SSDEEP

768:OyAEXhMXzXeIYKumNMfai3E2xVeR3lIrnwF4:OyAEXhMje/Hcmai6lu24

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a7551ae2c7edd18697ee382633767e9

Files

9a7551ae2c7edd18697ee382633767e9
.dll windows:4 windows x86 arch:x86

508de5d140c2dcb3b2df24c57601b1df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
CloseHandle
WriteFile
ReadFile
SetFilePointer
CreateFileA
FindFirstFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateProcessA
CreatePipe
GetVolumeInformationA
GetSystemDirectoryA
GetLastError
CreateMutexA
lstrlenA
GetVersionExA
GetFileSize
FindClose
GetSystemTimeAsFileTime
GetCommandLineA
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
LCMapStringA
MultiByteToWideChar
LCMapStringW
HeapAlloc
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
GetLocaleInfoA
VirtualProtect
GetSystemInfo
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
HeapSize
FlushFileBuffers

Exports

Exports

_IsWindows2000XP
_get_winexec_filename
_get_winexec_name
_isRunningMutex
_randcompress_int
_randfind
_randfp
_randnum
_randstring
_upxwrapper
_winexec

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

508de5d140c2dcb3b2df24c57601b1df

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 1KB