9affdce21391343f83d84bea830e90a0

Sharing

Copy URL Twitter E-mail

General

Target

9affdce21391343f83d84bea830e90a0
Size

148KB
MD5

9affdce21391343f83d84bea830e90a0
SHA1

b843df81c092180772d3d77a2a025c206b0af4f4
SHA256

100ee53137dfe16a2d2f82b9cf1d04b696fe206e5beb9ab7bf6e1aa43ce205a3
SHA512

dcfc4db20c3c022b8967536af7f5653d7cfc6c280f6b2410406753bb093aac4e5751e620660d3e23832b3503d0f588a8bd81156f2c9b46234141e455586079b9
SSDEEP

3072:lP1RUiAjnXwTxfddfxUKdk6QpNtjwqZqTgnICt8NRvw:lHAjgt1dZUH6QJZqTRv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9affdce21391343f83d84bea830e90a0

Files

9affdce21391343f83d84bea830e90a0
.exe windows:4 windows x86 arch:x86

407cce835e601ceef795b60909503acb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePenIndirect
GetDIBColorTable
CreateCompatibleDC
GetObjectA
SaveDC
GetDIBits
CreateFontIndirectA
CreateDIBitmap
BitBlt
LineTo
CreateCompatibleDC
CreateBitmap
RestoreDC
CreateDIBitmap
GetDIBits
CreateFontIndirectA
CreatePalette
GetCurrentPositionEx
CopyEnhMetaFileA
GetRgnBox
GetRgnBox
GetBitmapBits
GetDIBColorTable
GetPixel
CreateDIBSection
GetPixel
GetCurrentPositionEx
CreateBrushIndirect
GetBitmapBits
SetTextColor
LineTo
RestoreDC
CreateCompatibleBitmap
CreateDIBitmap

msvcrt

strlen
fabs
tan
exit
swprintf
rand
malloc
sqrt
strncmp
memcmp
mbstowcs

oleaut32

RegisterTypeLib
SysStringLen
SysAllocStringLen
SysReAllocStringLen
SafeArrayGetElement
VariantCopyInd
GetErrorInfo
SafeArrayUnaccessData
OleLoadPicture
SafeArrayCreate
SysStringLen
SafeArrayGetUBound
OleLoadPicture
SafeArrayGetElement
SysReAllocStringLen
SysFreeString
RegisterTypeLib
SafeArrayGetUBound

kernel32

GetSystemDefaultLangID
GetCurrentProcessId
SizeofResource
GetEnvironmentStrings
GlobalAddAtomA
GetCurrentThreadId
ResetEvent
GetUserDefaultLCID
GetCurrentProcessId
FindClose
Sleep
CloseHandle
LocalReAlloc
FindFirstFileA
LocalReAlloc
GetProcessHeap
LoadLibraryA
GetACP
ExitProcess
VirtualAllocEx
GetCommandLineW
lstrlenA
GetModuleHandleW
GetModuleHandleA
GetProcAddress
ExitThread
IsBadReadPtr
GetLastError

comctl32

ImageList_DrawEx
ImageList_Destroy
ImageList_Write
ImageList_Read
ImageList_Destroy
ImageList_Create
ImageList_Add
ImageList_Draw
ImageList_DrawEx
ImageList_Remove

comdlg32

FindTextA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
ChooseColorA
FindTextA
FindTextA
GetOpenFileNameA
ChooseColorA
GetFileTitleA
GetOpenFileNameA
FindTextA
GetSaveFileNameA
GetSaveFileNameA
GetOpenFileNameA
FindTextA
ChooseColorA

user32

DestroyMenu
DrawIcon
CreateIcon
DispatchMessageW
DeleteMenu
CallNextHookEx
DrawEdge
ChildWindowFromPoint
CharNextW
DefMDIChildProcA
AdjustWindowRectEx
CharLowerA
CloseClipboard
DispatchMessageA
CharToOemA
CheckMenuItem
CreateMenu
DefFrameProcA
DestroyIcon
DefWindowProcA
DrawFrameControl
DestroyWindow
CharUpperBuffA
CharLowerBuffA
CharNextA
ClientToScreen
DestroyCursor
CreatePopupMenu
BeginPaint
CallWindowProcA

advapi32

RegLoadKeyA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA

shell32

Shell_NotifyIconA
SHGetFolderPathA
SHGetFileInfoA
SHFileOperationA
SHGetDesktopFolder
SHGetDesktopFolder
SHGetFileInfoA
SHGetFolderPathA

shlwapi

SHDeleteKeyA
PathGetCharTypeA
SHSetValueA
SHDeleteValueA
SHQueryValueExA
SHStrDupA
PathIsContentTypeA
SHGetValueA
SHDeleteKeyA
SHQueryValueExA
PathFileExistsA
PathIsDirectoryA
PathGetCharTypeA
SHEnumValueA
SHEnumValueA
SHQueryValueExA
SHDeleteKeyA

version

VerFindFileA
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

StringFromIID
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CreateBindCtx
CoFreeUnusedLibraries
CoTaskMemFree
PropVariantClear
OleRun
StgOpenStorage
StringFromIID
CoDisconnectObject
CoFreeUnusedLibraries

Sections

CODE
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ddata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

407cce835e601ceef795b60909503acb

Headers

File Characteristics

Imports

gdi32

msvcrt

oleaut32

kernel32

comctl32

comdlg32

user32

advapi32

shell32

shlwapi

version

ole32

Sections

CODE Size: 104KB - Virtual size: 100KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 5KB

DATA Size: 4KB - Virtual size: 206B

.ddata Size: 8KB - Virtual size: 6KB

.rsrc Size: 12KB - Virtual size: 8KB

CODE
Size: 104KB - Virtual size: 100KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 5KB

DATA
Size: 4KB - Virtual size: 206B

.ddata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 12KB - Virtual size: 8KB