9af89577b47acf6d523190edba3d1b31

Sharing

Copy URL

Twitter E-mail

General

Target

9af89577b47acf6d523190edba3d1b31
Size

407KB
MD5

9af89577b47acf6d523190edba3d1b31
SHA1

02df3b2b21c203dc327a0767f32e9f6fac58610a
SHA256

20992df084b431ccff61d9f6ea4173fd705397987a60d4d1d31defc3e45be6e2
SHA512

3e9203ae57b43b9a2dc3e7f321ed40f38fe17482834277357afe370f926ea3bed4f3f6fb1a3371a1f47a3e98aa8ee4eeb3ab9636f491c4628ff9115049e9e39f
SSDEEP

12288:TwMbDPyShQkJiN6NxxqA5F2KFy/b5Ro4KC:sMLi3oxkA5Q4y/b5R6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9af89577b47acf6d523190edba3d1b31

Files

9af89577b47acf6d523190edba3d1b31
.exe windows:4 windows x86 arch:x86

674f1129b7cd108dd2bfbb946755c298

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetStdHandle
lstrcatW
GetCommandLineA
GetLocaleInfoA
LoadResource
HeapAlloc
LoadLibraryA
TlsFree
LCMapStringA
UnhandledExceptionFilter
FlushViewOfFile
WaitForSingleObject
EnterCriticalSection
SetLastError
TlsAlloc
CompareStringW
GetOEMCP
GetStartupInfoA
HeapSize
SetEnvironmentVariableA
GetCPInfo
GetStartupInfoW
GetCommandLineW
TryEnterCriticalSection
GetSystemInfo
TlsSetValue
GetModuleFileNameW
GetProcAddress
OpenFile
GetLocaleInfoW
WideCharToMultiByte
GetLocalTime
FreeEnvironmentStringsW
GetTempPathW
GetTimeFormatA
VirtualQuery
IsValidLocale
VirtualProtect
LeaveCriticalSection
DeleteCriticalSection
GetUserDefaultLCID
TlsGetValue
GetLastError
HeapReAlloc
IsValidCodePage
ExitProcess
SetEnvironmentVariableW
WaitNamedPipeA
VirtualAlloc
WriteFile
QueryPerformanceCounter
GetCurrentProcess
HeapDestroy
GetModuleHandleA
GetEnvironmentStrings
GetVersionExA
HeapCreate
GetCurrentThreadId
MultiByteToWideChar
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
InitializeCriticalSection
EnumSystemLocalesA
TransactNamedPipe
GetTickCount
GetStringTypeW
LoadModule
GetDateFormatA
SetHandleCount
LCMapStringW
RtlUnwind
GetCurrentThread
GetSystemTimeAsFileTime
InterlockedExchange
IsBadWritePtr
GetACP
GetFullPathNameA
GetFileType
FindResourceA
GetStringTypeA
GetTimeZoneInformation
HeapFree
TerminateProcess

gdi32

GetTextExtentPoint32A
SetWindowExtEx
SetROP2
EnumEnhMetaFile
GetEnhMetaFileDescriptionA
TextOutW
GetCharABCWidthsFloatW
GdiFlush
SetDeviceGammaRamp
BeginPath
Polygon
CloseFigure
UpdateICMRegKeyW
GetPaletteEntries
SetFontEnumeration
CreateSolidBrush
RectVisible
GetNearestPaletteIndex

shell32

SHGetSpecialFolderPathA
SHGetDiskFreeSpaceA
DragAcceptFiles
SHGetSettings

advapi32

RegSetKeySecurity
RegFlushKey
LookupPrivilegeDisplayNameA
RegEnumValueW
RegRestoreKeyA

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

674f1129b7cd108dd2bfbb946755c298

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

advapi32

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 272KB - Virtual size: 272KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 272KB - Virtual size: 272KB

.rsrc
Size: 8KB - Virtual size: 7KB