9abce1bacfc692ffbbf0a4ffbc1b9aff

Sharing

Copy URL

Twitter E-mail

General

Target

9abce1bacfc692ffbbf0a4ffbc1b9aff
Size

436KB
MD5

9abce1bacfc692ffbbf0a4ffbc1b9aff
SHA1

bbfe409ca817ce6ccd223d364a108a1d94eae1ff
SHA256

4f32bc574876fad306b786b11abed748c3ab01e0ca83f5acd908b7e2e56a2f17
SHA512

9ef9a3331a4ce9e639538b4b50cb0748833855471f461d4d8749e1e26581940e2467bbfd712fe6efcb0110cc0b168565ec601757f60c29f5041214d14e730503
SSDEEP

6144:PcwURvHel+mlG4Pb34IxQqUFLjPg9OxDZZm5amyg/DXBBKsuuIZX1VdJRfGzRv5J:Pc5HFmlG4UrPRBmyg/DXBBKRlZXaxwRQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9abce1bacfc692ffbbf0a4ffbc1b9aff

Files

9abce1bacfc692ffbbf0a4ffbc1b9aff
.exe windows:4 windows x86 arch:x86

d27bf291d8d3cea66fdcf849fcc75d31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetWindowsDirectoryA
CopyFileA
Sleep
CloseHandle
IsDebuggerPresent
GetACP
CreateFileA
GetLastError
DeviceIoControl
FreeLibrary
SetLastError
GetModuleHandleA
VirtualProtectEx
GetVersion
LoadLibraryA
GetProcAddress
GetCurrentProcess
VirtualProtect
lstrlenW
GetTempFileNameA
GetTempPathA
GetCommandLineA
GetPrivateProfileSectionA
GetSystemDirectoryA
LockResource
SizeofResource
LoadResource
FindResourceA
WaitForSingleObject
CreateProcessA
MoveFileA
CreateDirectoryA
CreateEventA
SetEvent
ResetEvent
IsDBCSLeadByte
InterlockedDecrement
InterlockedIncrement
GlobalFree
ReadFile
GlobalAlloc
GetFileSize
lstrcpyA
WinExec
lstrcatA
GetStartupInfoA
WriteFile
UnmapViewOfFile
SystemTimeToFileTime
GetCurrentDirectoryA
LocalFileTimeToFileTime
SetFileTime
SetCurrentDirectoryA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
LocalFree
FlushInstructionCache
SetFilePointer
GetPrivateProfileIntA

advapi32

RegQueryValueA
RegCloseKey
RegOpenKeyExA

cfgdll

gdi32

GetObjectA
CreateFontIndirectA
GetStockObject
CreateRectRgnIndirect
CombineRgn
GetTextExtentPoint32A

mfc42

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_onexit
__dllonexit
_mbsstr
_CxxThrowException
_mbsnbcpy
sprintf
isupper
isdigit
_splitpath
fgetc
exit
fseek
ftell
rewind
fread
strpbrk
atoi
free
strstr
strncpy
__CxxFrameHandler
calloc
fclose
fputc
_setmbcp
_stricmp
_itoa
fopen
wcslen
_except_handler3
_mbscmp
fprintf
fgets
sscanf
fwrite
isxdigit

ole32

OleRun
CoInitialize
CoCreateInstance

oleaut32

shell32

Shell_NotifyIconA
ShellExecuteA

user32

GetDesktopWindow
SetForegroundWindow
PostQuitMessage
MessageBeep
GetForegroundWindow
GetKeyState
GetCursorPos
SendInput
GetGUIThreadInfo
SetWindowLongA
InvalidateRect
InflateRect
GetDC
ReleaseDC
SetWindowRgn
mouse_event
keybd_event
SetTimer
EnableWindow
GetAsyncKeyState
GetWindowRect
IsIconic
GetClientRect
DrawIcon
LoadIconA
GetParent
GetSystemMetrics
MapVirtualKeyA
SetCursor
LoadCursorA
PostMessageA
SendMessageA
SetCursorPos

winio

SetPortVal
ShutdownWinIo
GetPortVal

winmm

timeGetTime

Sections

CODE
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d27bf291d8d3cea66fdcf849fcc75d31

Headers

File Characteristics

Imports

kernel32

advapi32

cfgdll

gdi32

mfc42

msvcrt

ole32

oleaut32

shell32

user32

winio

winmm

Sections

CODE Size: 424KB - Virtual size: 424KB

.rsrc Size: 4KB - Virtual size: 8KB

.avc Size: 5KB - Virtual size: 8KB

CODE
Size: 424KB - Virtual size: 424KB

.rsrc
Size: 4KB - Virtual size: 8KB

.avc
Size: 5KB - Virtual size: 8KB