9ae32ad159d126278d9f7fc94f96adfa

Sharing

Copy URL

Twitter E-mail

General

Target

9ae32ad159d126278d9f7fc94f96adfa
Size

3.3MB
MD5

9ae32ad159d126278d9f7fc94f96adfa
SHA1

59469daf99f9fbc0b83d9fc1128af4e313f89b1b
SHA256

87930e435af99eda9ad298493193b5ca78d4c3aeba7747158f2e983e8ee4445f
SHA512

f32059f93e209e5baf435388e31411efea05140668a67267eeb3354efd0d7e028f2df5aa293bfea50f2878340f4c71d8b608de35ed1c4e7be3a54760fa1a0787
SSDEEP

49152:2jH5mJX9IvGtO0j8DlojeoQcXiG7e26q/+M:2jH5mJywKyZLF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ae32ad159d126278d9f7fc94f96adfa

Files

9ae32ad159d126278d9f7fc94f96adfa
.exe windows:4 windows x86 arch:x86

35c2f642097f5b6e1cfa60f847ecb5f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
TerminateProcess
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStartupInfoA
RaiseException
RtlUnwind
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
SetErrorMode
FindResourceExA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetLastError
GlobalFlags
MulDiv
SetLastError
LocalFree
CloseHandle
GetModuleFileNameA
GetCurrentThread
GlobalReAlloc
GlobalAlloc
lstrcpynA
lstrcmpA
VirtualProtect
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
WritePrivateProfileStringA
GetPrivateProfileStringA
GetWindowsDirectoryA
Sleep
GetModuleHandleA
GetVersionExA
GetProcAddress

user32

ClientToScreen
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
GetDesktopWindow
wvsprintfA
MapDialogRect
GetAsyncKeyState
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetDC
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
TabbedTextOutA
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
ReleaseDC
BeginPaint
GetFocus
EndPaint
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
DrawTextA
GrayStringA
LoadStringA
DestroyMenu
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
LoadIconA
wsprintfA
EnableWindow
UnregisterClassA

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
EnumFontFamiliesExA
ScaleWindowExtEx
GetDeviceCaps
DeleteObject
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetObjectA
CreateFontIndirectA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

DestroyPropertySheetPage
ord17
CreatePropertySheetPageA
ImageList_Destroy
PropertySheetA

odbc32

ord72
ord4
ord48
ord49
ord20
ord17
ord59
ord8
ord44
ord19
ord46
ord12
ord68
ord43
ord41
ord2
ord1
ord50
ord45
ord51
ord10
ord5
ord16
ord61
ord13
ord18
ord11
ord3
ord14
ord9
ord15

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 372KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35c2f642097f5b6e1cfa60f847ecb5f0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

odbc32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 372KB - Virtual size: 384KB

.rsrc Size: 2.7MB - Virtual size: 2.7MB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 372KB - Virtual size: 384KB

.rsrc
Size: 2.7MB - Virtual size: 2.7MB