9afea8adb06ac940331d6e38598aea56

General

Target

9afea8adb06ac940331d6e38598aea56
Size

77KB
MD5

9afea8adb06ac940331d6e38598aea56
SHA1

5a1b7bda5b241d0d552342dfff8fd81d5c4c1b0b
SHA256

26c47277a0842b1552e29f71156280651eeb942d7341a16fc05e13ff330cc3ad
SHA512

d44154709bf2f4fb702f4f3e4a11a58750b2493b8d11e4fd5ec10b57ca2bd35bb5ca36458aa44bf96ef226a4928c9ac26e4c6553fddf214d232b01cc8dce7df4
SSDEEP

1536:Eg319avrMUrbgxP6dp8c5nObzKdDYTb3K3AuWHC7s+sMjmBh5RT7kuIBXtjIp6Gw:Eg/az9rbgB6zpgzKgCAxi7xsMiBhMuI3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9afea8adb06ac940331d6e38598aea56

Files

9afea8adb06ac940331d6e38598aea56
.exe windows:4 windows x86 arch:x86

aa75a038b845de32afac4fd93e647b81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_fullpath
strlen
realloc
_XcptFilter
fprintf
_pctype
fseek
memmove
abs
strncat
memcmp
strcmp

gdi32

SetTextAlign
SetBkMode
CreatePen
CreateDIBSection
GetTextExtentPoint32A
SetROP2
EndDoc
GetBkColor
SelectClipRgn
BitBlt
LineTo

user32

FindWindowExA
CheckDlgButton
GetMenuItemID
GetSystemMetrics
ShowScrollBar
SetMenuItemBitmaps
DestroyWindow
UnionRect
GetWindow
EndDialog
ReleaseDC

kernel32

CloseHandle
GetSystemTimeAsFileTime
CompareStringW
SetErrorMode
SetStdHandle
GetFileType
WriteConsoleW
GetSystemDirectoryA
lstrcpynA
DeviceIoControl
GetCurrentThread
lstrcpyA
GetCurrentProcess
GetTickCount
WideCharToMultiByte
MulDiv
CreateFileMappingA
FlushFileBuffers
SetEvent
RaiseException

advapi32

AdjustTokenPrivileges
QueryServiceStatus
GetLengthSid
CloseServiceHandle
QueryServiceObjectSecurity
SetSecurityInfo
OpenProcessToken
RegDeleteKeyA
FreeSid
SetKernelObjectSecurity
RegCreateKeyExA

ole32

OleCreateFromData
CoFreeUnusedLibraries
CoAddRefServerProcess
OleInitialize
CoFileTimeToDosDateTime
OleRegGetMiscStatus
OleRun
OleQueryCreateFromData
OleCreateEx

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa75a038b845de32afac4fd93e647b81

Headers

File Characteristics

Imports

msvcrt

gdi32

user32

kernel32

advapi32

ole32

Sections

.text Size: 71KB - Virtual size: 70KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 944B

.text
Size: 71KB - Virtual size: 70KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 944B