9b19fe0551bf6643abd59e2de4a9aebe

Sharing

Copy URL Twitter E-mail

General

Target

9b19fe0551bf6643abd59e2de4a9aebe
Size

863KB
MD5

9b19fe0551bf6643abd59e2de4a9aebe
SHA1

1d3f6b579d8adb1f44aa4aed2da030193a45a759
SHA256

ca172a19f83cec80a0445dba8697dc09fda830acc2ae925f424c909e9b2fa924
SHA512

0bdc0d30a6022348e05b2593e56009be2ff1069020285cb93db1a207fb2c77f3e5340a7c9b949ed40e0c0a680f86d96bbb87f595c98d6d9b4a079b05dc8af044
SSDEEP

24576:4o0URQ2NXLZy//J8YKEs6f2w6TR34rvkpGSkwAz5f5C:t/N7MHJjtWdorMpPkRtw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b19fe0551bf6643abd59e2de4a9aebe

Files

9b19fe0551bf6643abd59e2de4a9aebe
.exe windows:4 windows x86 arch:x86

81a0d7310e88cc015e4cdb428b9281d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetScrollBarInfo
GetMessagePos
GetSystemMenu
ShowCursor
LoadAcceleratorsA
GetDoubleClickTime
DestroyAcceleratorTable
IsCharLowerA
GetAsyncKeyState
GetMenuItemCount
IMPGetIMEA
GetClipboardFormatNameA
InsertMenuItemA
DestroyMenu
EnumDisplayMonitors
LoadMenuIndirectA
InvalidateRgn
SetSysColors
LoadIconA
MonitorFromPoint
GetClassWord
RegisterDeviceNotificationA
SendMessageTimeoutA
EndMenu
DdeUnaccessData
FreeDDElParam
GetIconInfo
DdeQueryStringA
TranslateAccelerator
BringWindowToTop
PostQuitMessage
EnumClipboardFormats
GetShellWindow
DdeClientTransaction
RemovePropA
DrawTextExA
SetDoubleClickTime
SetMessageExtraInfo
SetWindowRgn
SetKeyboardState
GetMenuState
UnhookWinEvent
CopyIcon
DrawCaption
DdeCreateDataHandle
DispatchMessageA
DefMDIChildProcA
SetClipboardData
SwitchToThisWindow
DdeNameService
LookupIconIdFromDirectory
OemToCharA
OpenDesktopA
EnumPropsExA
DrawMenuBar

advapi32

GetSidSubAuthority
CryptSignHashA
AccessCheck
ChangeServiceConfigA
CryptEncrypt
GetAclInformation
CryptGetKeyParam
CryptHashSessionKey
RegQueryValueA
RegSaveKeyA
FindFirstFreeAce
BackupEventLogA
RegUnLoadKeyA
RegOpenKeyA
CryptSetKeyParam
GetSecurityDescriptorControl
InitializeAcl
CryptDestroyHash
SetEntriesInAuditListA
AddAce
RegConnectRegistryA
GetSecurityDescriptorOwner
EnumDependentServicesA
QueryServiceObjectSecurity
CryptGenKey
PrivilegeCheck
CryptContextAddRef
GetServiceDisplayNameA
ControlService
OpenEventLogA
RegFlushKey
GetMultipleTrusteeA
RegDeleteValueA
DeregisterEventSource
IsTextUnicode

kernel32

LocalFileTimeToFileTime

Sections

.vyb
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ncnir
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ehwdw
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xipal
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qvsv
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.knijm
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lyl
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdm
Size: 48KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sbu
Size: 125KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81a0d7310e88cc015e4cdb428b9281d2

Headers

File Characteristics

Imports

user32

advapi32

kernel32

Sections

.vyb Size: 638KB - Virtual size: 1.3MB

.ncnir Size: 6KB - Virtual size: 8KB

.ehwdw Size: 19KB - Virtual size: 27KB

.xipal Size: 512B - Virtual size: 21KB

.qvsv Size: 6KB - Virtual size: 15KB

.knijm Size: 512B - Virtual size: 56B

.lyl Size: 512B - Virtual size: 24B

.sdm Size: 48KB - Virtual size: 77KB

.sbu Size: 125KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.vyb
Size: 638KB - Virtual size: 1.3MB

.ncnir
Size: 6KB - Virtual size: 8KB

.ehwdw
Size: 19KB - Virtual size: 27KB

.xipal
Size: 512B - Virtual size: 21KB

.qvsv
Size: 6KB - Virtual size: 15KB

.knijm
Size: 512B - Virtual size: 56B

.lyl
Size: 512B - Virtual size: 24B

.sdm
Size: 48KB - Virtual size: 77KB

.sbu
Size: 125KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB