9aaeb3b3fe60b00051f7499c67393d50

Sharing

Copy URL Twitter E-mail

General

Target

9aaeb3b3fe60b00051f7499c67393d50
Size

161KB
MD5

9aaeb3b3fe60b00051f7499c67393d50
SHA1

a5761f6acea468381fdd5f9de907e8d363bc7e7e
SHA256

363a6526590ae3efb26721ff6bfc3cf0f7181e2756bbf02764b2258729aca7f0
SHA512

d3d961620f2a8aa1f01fa7e90d1baedbda2c6f826f498f775059504d76bbca2c608c2f6c126da9a24662441347b131b12fbf13a73d08d4e8536eed39c27b0c86
SSDEEP

3072:cfGqDrfC7jMQnUDbhIM3PocJajmzqpcf6yomvz3R4MGEhMXOuMOUmkL:jYK5aI+QcJajm+pcJNvVZGyMXOgU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9aaeb3b3fe60b00051f7499c67393d50

Files

9aaeb3b3fe60b00051f7499c67393d50
.exe windows:4 windows x86 arch:x86

4c00a5b6ebf473018e328c92f568c880

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseServiceHandle
GetSecurityDescriptorControl
GetUserNameA
QueryServiceConfig2A
QueryServiceStatus
RegDeleteValueA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
SetServiceStatus

kernel32

AddAtomA
CloseHandle
CompareStringA
CreateDirectoryA
CreateFileA
CreateMutexA
CreateProcessA
DeleteAtom
DeleteCriticalSection
DeleteFileA
DisableThreadLibraryCalls
DuplicateHandle
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FindClose
FindNextFileA
FindResourceA
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetFileSize
GetFileTime
GetFileType
GetLastError
GetModuleHandleA
GetPrivateProfileStructA
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTickCount
GetVersionExA
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadResource
LocalFree
LockResource
MapViewOfFile
MoveFileExA
MulDiv
MultiByteToWideChar
OpenEventA
QueryPerformanceCounter
RaiseException
ReleaseMutex
ResetEvent
SetEnvironmentVariableA
SetFileAttributesA
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
Sleep
SystemTimeToFileTime
TerminateProcess
TlsGetValue
VirtualAlloc
VirtualProtect
lstrcpyA
lstrlenA

ole32

OleInitialize
OleRegGetUserType
PropVariantClear

user32

CharUpperA
CheckDlgButton
CreateWindowExA
DestroyIcon
DialogBoxParamA
DrawFocusRect
EndDialog
FillRect
GetAsyncKeyState
GetDlgItemTextA
GetMessagePos
GetProcessWindowStation
GetSysColor
InflateRect
LoadBitmapA
MessageBeep
MessageBoxA
PeekMessageA
SendMessageA
SetDlgItemTextA
SetWindowPos
SetWindowRgn
SetWindowTextA
SystemParametersInfoA
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: - Virtual size: 276KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4c00a5b6ebf473018e328c92f568c880

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

version

Sections

.text Size: - Virtual size: 276KB

.data Size: 159KB - Virtual size: 160KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: - Virtual size: 276KB

.data
Size: 159KB - Virtual size: 160KB

.rsrc
Size: 2KB - Virtual size: 1KB