9aa20ff0a1147a28604597119cf314ef

Sharing

Copy URL Twitter E-mail

General

Target

9aa20ff0a1147a28604597119cf314ef
Size

697KB
MD5

9aa20ff0a1147a28604597119cf314ef
SHA1

0a8c925ee1e384d41ac8664c14ca2e38b2058498
SHA256

eb00047b6da9ecc26d305c754ce7650b08b6a7b236e847201816f58948a8986c
SHA512

b44b478310b0d391d109c695c808b4600cad2ab09ad92b4388ecf10b60a856c43ef532d2e26a638c82e53fa008efecd0d400dff653fad463fbf8454e245fc995
SSDEEP

12288:YL3fQIKZkuKPbVBJi+G9i0R+FAEyRhtzr765Ud730DQtqbB4N2:XRZNKP3G9i7FAPhJr765GEFe2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9aa20ff0a1147a28604597119cf314ef

Files

9aa20ff0a1147a28604597119cf314ef
.exe windows:4 windows x86 arch:x86

6063f30d23d975e50ec61a42a21e5bf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkMode
SetBkColor
DeleteObject

user32

SetWindowPos
GetDC
ReleaseDC
GetActiveWindow
DestroyWindow
GetParent
UpdateWindow
TranslateMessage
GetSubMenu
FillRect
SetCapture
ReleaseCapture
SetWindowTextA
CheckMenuItem
GetDlgItem
ScreenToClient
LoadCursorA
IsWindowVisible
InvalidateRect
GetClientRect

kernel32

GetStdHandle
ReleaseMutex
GetFileAttributesA
WaitForSingleObject
HeapDestroy
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
GetTempPathA
GetCPInfo
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
LocalFree
InitializeCriticalSection
FindClose
GetCurrentThread
GetVersion
GetTickCount
GetCurrentProcessId
GetModuleHandleA
GetLastError
GetCommandLineA
GetCurrentThreadId
ExitProcess
VirtualAlloc
ResetEvent
Sleep
VirtualFree
UnmapViewOfFile
IsValidCodePage
CreateProcessA
SetStdHandle
GetModuleHandleW
GlobalLock
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
RaiseException
InterlockedCompareExchange
HeapSize
WideCharToMultiByte
GetCommandLineW
CreateProcessW
GetEnvironmentStringsW
LCMapStringA
GlobalFree
GetSystemInfo
HeapCreate
LCMapStringW
InterlockedIncrement
CreateFileA
TlsSetValue
GetFileType
ExpandEnvironmentStringsA
CreateFileMappingA
CompareStringA
FindFirstFileA
GetProcessHeap
GetProcAddress
CreateDirectoryA
GetFileSize
GetStartupInfoA
FreeLibrary
LoadLibraryA
GetVersionExA
TlsAlloc
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetEndOfFile
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
SetUnhandledExceptionFilter
CreateThread
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
GetModuleFileNameA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
SetLastError
FormatMessageA
TlsGetValue

Sections

.text
Size: 660KB - Virtual size: 982KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6063f30d23d975e50ec61a42a21e5bf3

Headers

File Characteristics

Imports

gdi32

user32

kernel32

Sections

.text Size: 660KB - Virtual size: 982KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 660KB - Virtual size: 982KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 11KB - Virtual size: 10KB