9afc533f875a3280048bea7e498746a5

Sharing

Copy URL

Twitter E-mail

General

Target

9afc533f875a3280048bea7e498746a5
Size

72KB
MD5

9afc533f875a3280048bea7e498746a5
SHA1

bfb423cff796e4fd9cfdb0d79563198e4e18bba6
SHA256

d46b0d392ce67201e4e28e58bdb133989630265376cb6341b64f299891b896aa
SHA512

e7c098263d9b03b3ffa20fe22717ab7a751ae2eb01e13a10fb56ba9b64ec88393ff456a347b3d136935411cea63030a9be269b6c0565195ac33005fc04be1483
SSDEEP

1536:WzePL9ihxoI+rtyWASIC4qrFfpFF60a8U3/HN1t8rn7IPCFiR3fsk6+/vmjof:Wz9hxoI+rty+IjqrLa8UvNzLPjfsXo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9afc533f875a3280048bea7e498746a5

Files

9afc533f875a3280048bea7e498746a5
.exe windows:5 windows x86 arch:x86

c778bcfb56c72d7b39ac2e740dea3018

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

PropVariantClear
StgCreateDocfile
CoGetObjectContext
OleInitialize
StringFromGUID2
CoRevertToSelf
OleLoadFromStream
CoCreateGuid
OleTranslateAccelerator
StgCreateDocfileOnILockBytes
ReleaseStgMedium
StgOpenStorage
CoUninitialize
CoMarshalInterThreadInterfaceInStream
OleUninitialize
CoGetInterfaceAndReleaseStream
CoUnmarshalInterface
CoReleaseMarshalData
CLSIDFromString
GetHGlobalFromStream
GetRunningObjectTable
CoTaskMemFree

version

GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeA

user32

EnumChildWindows
SendDlgItemMessageA
PeekMessageA
SystemParametersInfoW
GetProcessWindowStation
ScreenToClient
GetPropA
GetSysColorBrush
SetRect
DestroyWindow
CharUpperW
IntersectRect
WinHelpW
IsMenu
wsprintfA
LoadCursorA
GetActiveWindow
GetFocus
MoveWindow
CreateWindowExA
GetWindowLongW
GetCursorPos
GetSysColor
SetMenu
PostQuitMessage
GetWindowPlacement
GetClassNameW
BeginPaint
ChangeMenuW
GetDlgItem
GetDC
GetCapture
EqualRect
SetForegroundWindow
DrawFocusRect
SetDlgItemTextW
EnableWindow

comctl32

InitCommonControls
ImageList_Create
ImageList_ReplaceIcon
CreatePropertySheetPageW
ImageList_Draw

advapi32

RegQueryValueW
ConvertStringSidToSidW
RegEnumKeyW
SetEntriesInAclW
RegQueryValueExA
OpenSCManagerA
GetSecurityDescriptorDacl
OpenServiceW
RegEnumValueW
InitializeAcl
EqualSid
RegCreateKeyExW
IsValidSecurityDescriptor
GetTraceEnableLevel
GetLengthSid
StartServiceW
RegisterTraceGuidsW
InitializeSecurityDescriptor
UnregisterTraceGuids
OpenServiceA
CheckTokenMembership
InitializeSid
RegFlushKey
RegQueryValueExW
RegDeleteValueW
SetSecurityDescriptorDacl
RegSetValueExW
RegOpenKeyA

msvcrt

_stricmp
iswalpha
_unlock
_isatty
wcsncmp
toupper
_itow
__CxxFrameHandler
isdigit
_wcslwr
time
_wsplitpath
bsearch
_except_handler3
__set_app_type
??3@YAXPAX@Z
strncpy
iswspace
??1type_info@@UAE@XZ
wcsncpy

kernel32

DeleteCriticalSection
lstrlenW
GetFileAttributesA
TlsGetValue
HeapDestroy
EnterCriticalSection
MapViewOfFile
lstrcpynA
InitializeCriticalSectionAndSpinCount
ResetEvent
GetFileSize
GetLocaleInfoW
GetCurrentProcess
CompareStringA
ExitProcess
InterlockedCompareExchange
FileTimeToLocalFileTime
GlobalFree
VirtualAlloc
lstrcatA
GetModuleFileNameW
CreateEventA
GetLastError
OpenProcess
SetFileAttributesW

rpcrt4

RpcRaiseException
RpcStringBindingComposeW
RpcRevertToSelf
NdrDllUnregisterProxy
NdrOleAllocate
RpcStringFreeA
NdrStubForwardingFunction
RpcStringBindingParseW
RpcServerUseProtseqEpW
CStdStubBuffer_AddRef
RpcBindingSetAuthInfoW
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
RpcBindingFree
CStdStubBuffer_DebugServerQueryInterface
RpcBindingVectorFree
NdrDllCanUnloadNow
CStdStubBuffer_IsIIDSupported

Sections

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 14KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 39KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c778bcfb56c72d7b39ac2e740dea3018

Headers

File Characteristics

Imports

ole32

version

user32

comctl32

advapi32

msvcrt

kernel32

rpcrt4

Sections

.rdata Size: 6KB - Virtual size: 5KB

.text Size: 10KB - Virtual size: 9KB

DATA Size: 1KB - Virtual size: 1KB

BSS Size: 14KB - Virtual size: 28KB

.idata Size: 39KB - Virtual size: 84KB

.rdata
Size: 6KB - Virtual size: 5KB

.text
Size: 10KB - Virtual size: 9KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: 14KB - Virtual size: 28KB

.idata
Size: 39KB - Virtual size: 84KB