Static task
static1
Behavioral task
behavioral1
Sample
9ab131a5a3ca87cd1b162d16e5f6b741.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
9ab131a5a3ca87cd1b162d16e5f6b741.exe
Resource
win10v2004-20231215-en
General
Target: 9ab131a5a3ca87cd1b162d16e5f6b741
Size: 560KB
MD5: 9ab131a5a3ca87cd1b162d16e5f6b741
SHA1: df5754b783fd855e2e4c0de6fac1e6828e1fdf96
SHA256: c8838e1b60573366f76f350ee6f4071b5d9f00ca02146dd8d745f64079577fa7
SHA512: 7ceaa2af7e7ef499f3e26aadce09019860f705593537912aa0550111f2d21a38d159153f5c49363e7ff8b0dc600212ef776242999f58817d52ce4e3dde68a906
SSDEEP: 12288:S3MMnMMMMMHGVJH7zyMBX3V24iQGdOJj6fNRXCCwLP+N:S3MMnMMMMMmVJH7z/1RMfNRXCCKP+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9ab131a5a3ca87cd1b162d16e5f6b741
Files
9ab131a5a3ca87cd1b162d16e5f6b741.exe windows:4 windows x86 arch:x86
6de24400529b8b5fa1c5d6f113e078b8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WaitForSingleObject
UnhandledExceptionFilter
GlobalDeleteAtom
ResetEvent
lstrcmpiW
DuplicateHandle
_lclose
InterlockedIncrement
GetStringTypeExA
CreateThread
GetLocaleInfoA
GetStdHandle
HeapDestroy
GetCPInfo
LeaveCriticalSection
SetLocalTime
GetCurrentDirectoryA
FlushInstructionCache
ResumeThread
HeapAlloc
MultiByteToWideChar
GetDateFormatA
GetFileAttributesA
_llseek
FindClose
ExitProcess
GetSystemDefaultLCID
LockFile
FileTimeToSystemTime
HeapFree
GetVersion
VirtualProtect
SetEnvironmentVariableA
lstrcpynA
SetStdHandle
RemoveDirectoryA
HeapReAlloc
lstrcmpA
CreateSemaphoreA
GetCurrentProcessId
GetDriveTypeA
GlobalFree
GetTickCount
GetCurrentProcess
CreateDirectoryA
lstrcpyA
MulDiv
CompareStringW
DeleteCriticalSection
GetWindowsDirectoryA
GlobalReAlloc
lstrcatA
lstrcmpiA
GetTimeZoneInformation
GetACP
GlobalHandle
GetVersionExA
GetTempPathA
MoveFileA
GetSystemTime
_lread
SetFileTime
TlsAlloc
EnterCriticalSection
GetModuleFileNameA
LockResource
FreeLibrary
TlsSetValue
GetVolumeInformationA
FindFirstFileA
GetExitCodeProcess
SetErrorMode
ReadFile
GetFullPathNameA
FindResourceA
HeapSize
SetEvent
LCMapStringW
SetFileAttributesA
TlsGetValue
Sleep
GlobalSize
GetCurrentThreadId
VirtualAlloc
SetEndOfFile
FreeEnvironmentStringsA
ReleaseSemaphore
LoadLibraryExA
GetStringTypeW
RtlUnwind
CreateFileA
GetCommandLineA
TlsFree
HeapCreate
FreeResource
SizeofResource
WinExec
GetModuleHandleA
GetOEMCP
ExitThread
GlobalAlloc
SetFilePointer
CompareStringA
RaiseException
SystemTimeToFileTime
TerminateProcess
FreeEnvironmentStringsW
GetLocalTime
LCMapStringA
GetUserDefaultLangID
CreateProcessW
GetSystemDirectoryA
UnlockFile
GetShortPathNameA
IsBadReadPtr
InitializeCriticalSection
SetLastError
SetHandleCount
GetStartupInfoA
SearchPathA
GlobalAddAtomA
IsDBCSLeadByte
IsBadCodePtr
WideCharToMultiByte
GetFileType
FileTimeToLocalFileTime
CreateEventA
GetFileTime
GetStringTypeA
LoadLibraryA
FormatMessageA
GetProcAddress
VirtualQuery
GetLastError
SetCurrentDirectoryA
GetUserDefaultLCID
GetSystemDefaultLangID
GlobalUnlock
GetProfileStringA
GetEnvironmentStringsW
FormatMessageW
GetSystemInfo
VirtualFree
DeleteFileA
GetModuleFileNameW
GlobalLock
_lwrite
CloseHandle
FindNextFileA
GetEnvironmentStrings
InterlockedDecrement
FlushFileBuffers
WriteFile
lstrlenA
CreateProcessA
GetTempFileNameA
LoadResource
user32
SetWindowsHookExA
PeekMessageW
WindowFromPoint
GetMessagePos
CharToOemBuffA
GetDCEx
BeginDeferWindowPos
HideCaret
MessageBeep
DdeDisconnect
DestroyAcceleratorTable
GetClientRect
IsZoomed
DdeFreeDataHandle
ScreenToClient
CreateAcceleratorTableA
MapWindowPoints
DrawFrameControl
GetClipboardData
GetMenuItemCount
SetWindowsHookExW
GetDoubleClickTime
CallWindowProcA
GetCursor
GetClassNameA
ShowWindow
DdeConnect
InsertMenuA
VkKeyScanW
GetKeyboardState
SetActiveWindow
GetSystemMenu
wsprintfA
SetWindowPos
GetClassInfoExA
ClipCursor
DdeGetData
DrawFocusRect
SetScrollPos
SetWindowTextA
DdeCmpStringHandles
IntersectRect
GetWindowLongA
SetWindowRgn
GetCapture
GetMenuStringA
SetWindowContextHelpId
DdePostAdvise
GetActiveWindow
RegisterClassExA
DeferWindowPos
KillTimer
DdeClientTransaction
TranslateMessage
EnumThreadWindows
SetPropA
PostThreadMessageA
SubtractRect
SetRect
OffsetRect
ReleaseCapture
AdjustWindowRect
GetForegroundWindow
CharUpperBuffW
DestroyIcon
WaitMessage
GetPropA
LoadAcceleratorsA
EndDeferWindowPos
WinHelpA
OpenClipboard
InflateRect
DestroyWindow
CharPrevA
GetUpdateRect
PostQuitMessage
BringWindowToTop
GetUpdateRgn
CallNextHookEx
GetLastActivePopup
GetWindowDC
GetSysColor
GetSystemMetrics
MsgWaitForMultipleObjects
GetWindowTextA
GetSubMenu
PtInRect
DdeNameService
LoadIconA
GetWindowThreadProcessId
DestroyMenu
CreatePopupMenu
WaitForInputIdle
EmptyClipboard
EnableMenuItem
CopyRect
DdeSetUserHandle
GetTabbedTextExtentA
DeleteMenu
ClientToScreen
GetClassInfoA
InvalidateRgn
OemToCharA
LoadBitmapA
GetScrollInfo
EqualRect
SetCursorPos
LockWindowUpdate
GetKeyboardLayout
SetForegroundWindow
FindWindowW
UnhookWindowsHookEx
GetFocus
GetCaretBlinkTime
VkKeyScanA
InvalidateRect
ShowCursor
GetWindow
SetWindowLongA
AppendMenuA
SendDlgItemMessageA
EndDialog
CharToOemA
CharUpperA
GetMenuItemInfoA
GetWindowRect
CheckMenuItem
PostMessageA
GetMenuState
SetDlgItemTextA
DestroyCursor
SetFocus
GetKeyState
SetScrollInfo
RemoveMenu
SendMessageA
SetScrollRange
BeginPaint
GetClipboardFormatNameA
CreateCursor
SetTimer
DefMDIChildProcA
EnableWindow
SetMenuItemInfoA
IsDialogMessageA
MessageBoxIndirectA
GetDesktopWindow
IsWindow
DdeGetLastError
GetAsyncKeyState
GetMenu
SetCapture
GetDC
CloseClipboard
IsClipboardFormatAvailable
GetWindowRgn
SetClipboardData
RegisterClassA
LoadCursorA
DrawIcon
GetMenuItemID
DrawTextA
TrackPopupMenu
GetCursorPos
CreateIcon
GetCaretPos
LoadImageA
GetIconInfo
GetMessageTime
GetDlgItem
PeekMessageA
LoadStringA
ModifyMenuA
DdeCreateDataHandle
DialogBoxParamA
keybd_event
DdeUninitialize
GetWindowTextLengthA
GetQueueStatus
CharLowerA
DispatchMessageA
RemovePropA
SetMenuDefaultItem
CharLowerBuffW
DdeFreeStringHandle
GetParent
ToAscii
CharUpperBuffA
DdeInitializeA
EndPaint
CreateCaret
IsRectEmpty
SetMenu
IsChild
SetCursor
AdjustWindowRectEx
MessageBoxA
SetKeyboardState
IsWindowVisible
CharNextA
SetParent
DdeQueryStringA
PostMessageW
FrameRect
DestroyCaret
FillRect
TabbedTextOutA
ShowScrollBar
CopyAcceleratorTableA
EnumClipboardFormats
DefWindowProcA
CreateWindowExA
FindWindowA
CharLowerBuffA
IsCharAlphaA
AttachThreadInput
IsIconic
SystemParametersInfoA
IsWindowEnabled
DdeCreateStringHandleA
UpdateWindow
DdeAbandonTransaction
DrawMenuBar
CreateMenu
TranslateMDISysAccel
UnregisterClassA
ReleaseDC
SetCaretPos
DdeQueryConvInfo
CreateDialogParamA
RegisterClipboardFormatA
ShowCaret
MoveWindow
GetScrollPos
DefFrameProcA
olecli32
OleEqual
ole32
OleGetAutoConvert
StgCreateDocfileOnILockBytes
CoUnmarshalInterface
CreateBindCtx
WriteClassStg
StgOpenStorage
StgIsStorageILockBytes
CLSIDFromString
CoFreeUnusedLibraries
OleLockRunning
CoRegisterClassObject
DoDragDrop
IIDFromString
OleCreateLink
CoCreateInstance
OleFlushClipboard
CLSIDFromProgID
OleGetIconOfClass
CreateOleAdviseHolder
OleDuplicateData
OleLoadFromStream
RevokeDragDrop
StringFromCLSID
CreateILockBytesOnHGlobal
CoMarshalInterface
OleSaveToStream
CoRegisterMessageFilter
CoGetMalloc
CoDisconnectObject
StgCreateDocfile
OleCreateLinkToFile
ProgIDFromCLSID
CoLockObjectExternal
CoGetClassObject
OleLoad
BindMoniker
CreateStreamOnHGlobal
OleDoAutoConvert
CoRevokeClassObject
OleSave
StringFromGUID2
OleQueryLinkFromData
OleTranslateAccelerator
OleRun
OleDestroyMenuDescriptor
ReleaseStgMedium
OleCreateFromData
OleConvertOLESTREAMToIStorage
OleGetClipboard
ReadClassStm
OleIsCurrentClipboard
OleQueryCreateFromData
OleIsRunning
ReadClassStg
StgOpenStorageOnILockBytes
OleRegGetUserType
CreateDataAdviseHolder
GetClassFile
OleUninitialize
RegisterDragDrop
OleConvertIStorageToOLESTREAM
MkParseDisplayName
IsAccelerator
OleCreateFromFile
OleSetClipboard
OleCreateLinkFromData
OleSetMenuDescriptor
OleInitialize
OleCreateMenuDescriptor
CoIsOle1Class
ws2_32
WSAAccept
WSAConnect
ddraw
DirectDrawEnumerateA
advapi32
RegQueryValueExA
RegCreateKeyA
RegDeleteKeyW
RegQueryInfoKeyA
RegEnumKeyW
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
InitializeSecurityDescriptor
RegCloseKey
RegisterEventSourceA
RegEnumKeyA
RegDeleteKeyA
OpenProcessToken
RegEnumValueW
LookupPrivilegeValueA
ReportEventA
AdjustTokenPrivileges
RegCreateKeyW
DeregisterEventSource
RegQueryValueExW
RegEnumValueA
RegSetValueA
RegQueryValueA
RegSetValueExW
RegDeleteValueW
RegOpenKeyW
RegOpenKeyA
SetSecurityDescriptorDacl
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 520KB - Virtual size: 517KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ