9ab39f100e671b5d53d19780aebeb48a

Sharing

Copy URL Twitter E-mail

General

Target

9ab39f100e671b5d53d19780aebeb48a
Size

109KB
MD5

9ab39f100e671b5d53d19780aebeb48a
SHA1

b9084d4796e95fe16526ec34c6ff09aea4a790ab
SHA256

c187c2693a24d0ecc920a92b73a246915f81097371683280d5b6c109256db7c6
SHA512

62521082018af7626bf9558114927e0b39d0fcd7920da49f4f627bed2c2807ae7d2f2dd2b2e87a0f9707584b4efedfdda6b0a523d50debe97100e3ce119cfc2b
SSDEEP

1536:4HI5387uO/e/U2lT1k+Uyx7M+nu/hdfTCabQsF95nqUUbllhL2pvVZ1:4o5Gu0e//dUyhMlhNRbxnUblr69Z1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ab39f100e671b5d53d19780aebeb48a

Files

9ab39f100e671b5d53d19780aebeb48a
.exe windows:4 windows x86 arch:x86

6c7bebccc2e3ba7be88eaefffa73afa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
VerInstallFileA

shlwapi

SHQueryValueExA
SHSetValueA
SHGetValueA
SHStrDupA
PathGetCharTypeA
SHEnumValueA
SHQueryInfoKeyA
PathFileExistsA
PathIsContentTypeA
SHDeleteKeyA

advapi32

RegQueryValueA

ole32

PropVariantClear
CoUninitialize
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CoCreateFreeThreadedMarshaler

kernel32

LoadLibraryA
VirtualAlloc
EnumCalendarInfoA
GetModuleHandleA
LocalAlloc

shell32

DragQueryFileA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetFolderPathA

comctl32

ImageList_Destroy
ImageList_DragShowNolock
ImageList_Draw
ImageList_Create
ImageList_Add
ImageList_Write
ImageList_Read
ImageList_DrawEx
ImageList_Remove

user32

SetCursor
CharNextA
BeginDeferWindowPos
GetMenuState
GetCursorPos
CallWindowProcA
GetClassLongA
GetForegroundWindow
DrawTextA
DeferWindowPos
DrawMenuBar
EnumThreadWindows
HideCaret
EnumWindows
SetTimer
DrawFrameControl
DefMDIChildProcA
BeginPaint
DrawIcon
IsMenu
FrameRect
GetClassInfoA
GetClipboardData
GetActiveWindow
GetScrollInfo
GetFocus
GetLastActivePopup
GetMenuItemInfoA
GetMenuItemID
GetClientRect
GetScrollRange
ShowScrollBar
MessageBoxA
GetIconInfo
SystemParametersInfoA
GetDesktopWindow
ShowWindow
GetMenuItemCount
CharLowerA
EnumChildWindows
GetSysColorBrush
GetMenuStringA
IsWindowVisible
IsDialogMessageA
SetWindowPos
GetKeyNameTextA
GetPropA
GetDCEx
EndDeferWindowPos
CreateMenu
DrawIconEx
GetDlgItem
EnableWindow
GetCursor
EqualRect
DefFrameProcA
GetSubMenu
GetWindowTextA
GetWindow
CheckMenuItem
EnableMenuItem
GetDC
DefWindowProcA
GetParent
CharToOemA
RegisterClassA

msvcrt

memmove
strlen
ceil
strcmp
memcpy
srand
pow
sin

gdi32

SetBkColor
CreatePalette
RestoreDC
GetClipBox
SetBkMode
SelectPalette
GetDIBColorTable
SelectObject
BitBlt
GetRgnBox

comdlg32

ChooseColorA
FindTextA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c7bebccc2e3ba7be88eaefffa73afa7

Headers

File Characteristics

Imports

version

shlwapi

advapi32

ole32

kernel32

shell32

comctl32

user32

msvcrt

gdi32

comdlg32

Sections

.text Size: 50KB - Virtual size: 50KB

.bss Size: 4KB - Virtual size: 3KB

.init Size: 50KB - Virtual size: 50KB

.rdata Size: 2KB - Virtual size: 2KB

.text
Size: 50KB - Virtual size: 50KB

.bss
Size: 4KB - Virtual size: 3KB

.init
Size: 50KB - Virtual size: 50KB

.rdata
Size: 2KB - Virtual size: 2KB