9ae0b1a298e260138c8660e8d0cbe726

Sharing

Copy URL Twitter E-mail

General

Target

9ae0b1a298e260138c8660e8d0cbe726
Size

319KB
MD5

9ae0b1a298e260138c8660e8d0cbe726
SHA1

5a6f82f5429ab8e812647bbd31dd31d7bd5c03c9
SHA256

a0c6c0f30f04f3f902a1aa44eaee572dc227e241a6d6e54017581e87a65dd555
SHA512

207dc1df324a50a5c4f814dc7aeb4a8b2e2c522d6551b81fd568f62ada29f779bfb4f4e6f61a955fa4d867459b1e1c2f3513f29d52a7c042fbe6f780c1f4fd0f
SSDEEP

6144:o3LN/JyVAvDOXkRfLf8AECeiO7h4qJ5ElWaEqxYtYlnZUI4muZCU:ALNByVAiURfLfV5HMKqJ5El3sGChmuV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ae0b1a298e260138c8660e8d0cbe726

Files

9ae0b1a298e260138c8660e8d0cbe726
.exe windows:4 windows x86 arch:x86

be9c01cd4c5032a1e8a6b8d84aea376d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
MultiByteToWideChar
GetStringTypeW
GlobalUnlock
GlobalLock
Beep
GlobalAddAtomA
WideCharToMultiByte
InterlockedDecrement
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FindResourceExW
lstrlenA
TlsSetValue
TlsGetValue
GetExitCodeThread
GetExitCodeProcess
SetFilePointer
GetSystemDirectoryA
CreateFileA
DuplicateHandle
ReadFile
GetLastError
GetModuleHandleW
WaitForMultipleObjects
LocalFree
LocalAlloc
LockResource
LoadResource
CloseHandle
GlobalFree
VirtualProtect
GlobalAlloc
GlobalSize
GetCommandLineA
GetStartupInfoA

user32

SetWindowPos
MapWindowPoints
SetScrollInfo
EndPaint
BeginPaint
PostMessageW
EnumThreadWindows
SetWindowTextW
SendNotifyMessageW
DrawIcon
DrawEdge
SetTimer
KillTimer
DispatchMessageW
GetMessageW
DefWindowProcW
SetForegroundWindow
SystemParametersInfoW
GetClientRect
ShowWindow
DestroyWindow
DestroyIcon
ScreenToClient
IsIconic
VkKeyScanW
GetCaretBlinkTime
AdjustWindowRectEx
SetActiveWindow
NotifyWinEvent
IsWinEventHookInstalled
GetKeyboardLayout
ScrollDC
ReplyMessage
ShowWindowAsync
CreateIconFromResourceEx
TrackPopupMenuEx
SetCursor
WindowFromPoint
GetCursorPos
GetLastActivePopup
CloseClipboard
OpenClipboard
GetClipboardData
PtInRect
EnableMenuItem
ReleaseDC
GetWindowRect
LoadStringW
SendMessageW
GetWindowLongW
SetWindowLongW
GetSystemMetrics
InflateRect
GetKeyboardLayoutNameA
CloseDesktop
CloseWindowStation
MapVirtualKeyW
GetKeyState
ReleaseCapture
UnhookWindowsHookEx
SetWindowsHookExW
SetThreadDesktop
MessageBoxW
ActivateKeyboardLayout
GetKeyboardLayoutNameW
InvalidateRect

gdi32

GetObjectW
SelectObject
CreateCompatibleDC
SetTextColor
DeleteObject
BitBlt
SetLayout
GetLayout
SelectPalette
TranslateCharsetInfo
SetBkColor
CreateDCW
GdiFlush
GetCurrentObject
GetRgnBox
PatBlt
GetCharWidth32W
GetTextMetricsW
CreateBitmap
GetDIBits
CreateDIBitmap
SetBitmapBits
DeleteDC

msvcr71

_controlfp
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_except_handler3
_onexit

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be9c01cd4c5032a1e8a6b8d84aea376d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcr71

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 248KB - Virtual size: 489KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 248KB - Virtual size: 489KB

.rsrc
Size: 1KB - Virtual size: 1KB