9af228fe468da34e6355b69befdf5e7f

General

Target

9af228fe468da34e6355b69befdf5e7f
Size

236KB
MD5

9af228fe468da34e6355b69befdf5e7f
SHA1

bb1ff6d24c5e3d5b080586c5a50203f0e28f9f03
SHA256

e61cb97b2246bc2cd2ccf0837ebcb0fa4abd233cee2acd025c19153c5a4e16c7
SHA512

28e351ba79cf5185bd85c5657e6a73a735e84612578484ea085b565bab8bdd4d073c90e379cf44455af5c3c3619d242a7b9b73336bf4452a0494208873e6c0d1
SSDEEP

6144:sQ7KThImMq4DqBTtMLUak+3JTK2hfJ4eMUlfv0+p0uJ:H7K3R4OBTtRK3JTDv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9af228fe468da34e6355b69befdf5e7f

Files

9af228fe468da34e6355b69befdf5e7f
.dll windows:4 windows x86 arch:x86

ad2cda9cd9f88d31b6e2e173b41b014b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
DeleteFileA
DeviceIoControl
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FreeLibrary
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetExitCodeThread
GetFileTime
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStringTypeW
GetVersionExA
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
IsDebuggerPresent
OutputDebugStringA
SetEnvironmentVariableA
SetHandleCount
SetLastError
SizeofResource
UnhandledExceptionFilter
lstrlenW

advapi32

EnumDependentServicesA
IsWellKnownSid
RegCreateKeyExW
SetSecurityInfoExW
ConvertAccessToSecurityDescriptorA

msvcrt

_except_handler3
__p__commode
swscanf
exit
__set_app_type
__getmainargs

ole32

IsEqualGUID
CoGetObjectContext

ddraw

GetSurfaceFromDC
GetDDSurfaceLocal
DirectDrawEnumerateW
DirectDrawEnumerateExW
DirectDrawEnumerateExA
DirectDrawEnumerateA
DirectDrawCreateClipper
DirectDrawCreate
DSoundHelp
DDInternalUnlock

Exports

Exports

GetObjectData

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad2cda9cd9f88d31b6e2e173b41b014b

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

ole32

ddraw

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 128KB

.data Size: 96KB - Virtual size: 152KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 128KB - Virtual size: 128KB

.data
Size: 96KB - Virtual size: 152KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB