9b623a928f94b886397056671637e298

Sharing

Copy URL Twitter E-mail

General

Target

9b623a928f94b886397056671637e298
Size

353KB
MD5

9b623a928f94b886397056671637e298
SHA1

acc875f6ecb3d5ea836de07e1a739e6cac715167
SHA256

e793e9696e9006250f1a1675335b223376db3428392b5434447e4d1fa18878d5
SHA512

d4a3b08be06ed1de9b7663bf69578ca7ddc18b0742daa434a18690045f0f6cd62edfab499d9ac71a3c07e57debdadf38cd8463e81f31b27fa73207f78060deec
SSDEEP

6144:EstwzjYPULWo3rZCYOxk6P8dtv2ZN/M4QERpFplh+tf3pCeRaGj:XatLYLxk64IZN/MHERpjfaP8Lg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b623a928f94b886397056671637e298

Files

9b623a928f94b886397056671637e298
.exe windows:4 windows x86 arch:x86

157f2174e7b8eaf0147c2ca9ab404bf7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

user32

GetDC
SetCursor
EnumWindowStationsW
GetParent
SetClipboardData
GetKeyState
OpenClipboard
GetClientRect
GetWindowRect
FillRect
ReleaseDC
UnionRect
SetRectEmpty
EqualRect
InvalidateRect
CopyRect
PtInRect
ClientToScreen
CreatePopupMenu
RedrawWindow
SetWindowPos
EmptyClipboard
GetFocus
SetCapture
wsprintfW
IsWindow
SendMessageW
GetClipboardData
IsRectEmpty
LoadCursorW
TranslateMessage
GetDesktopWindow
UpdateWindow
EnableWindow
ReleaseCapture
CloseClipboard
IntersectRect
TrackPopupMenuEx
OffsetRect
SetRect
DestroyMenu
ClipCursor
SetParent
ScreenToClient

kernel32

_lread
InterlockedExchange
LocalAlloc
CopyFileW
DisableThreadLibraryCalls
WideCharToMultiByte
OutputDebugStringW
QueryPerformanceCounter
GetCurrentThreadId
InterlockedIncrement
ExitProcess
lstrlenA
CreateDirectoryW
GlobalUnlock
GetVersionExA
SetThreadAffinityMask
GetVersionExW
GetFullPathNameW
LocalFree
GetThreadLocale
GetLastError
GetProcessIoCounters
GetTempPathW
MultiByteToWideChar
TerminateProcess
FindFirstFileW
GetSystemTimeAsFileTime
InterlockedDecrement
GetCurrentProcessId
GlobalAlloc
GlobalLock
GetModuleFileNameA
lstrlenW
ReadFile
GetProcAddress
DeleteCriticalSection
GetTempFileNameW
FindClose
Sleep
FindNextFileW
GetLocaleInfoA
EnterCriticalSection
CreateFileW
SetFileAttributesW
GetACP
InitializeCriticalSection
GetModuleFileNameW
LeaveCriticalSection
FreeLibrary
DeleteFileW
RemoveDirectoryW
CloseHandle
GetTickCount
LoadLibraryW
GetFileAttributesExW

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bomex
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

157f2174e7b8eaf0147c2ca9ab404bf7

Headers

File Characteristics

Imports

winmm

winspool.drv

user32

kernel32

Sections

.text Size: 292KB - Virtual size: 291KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 103KB - Virtual size: 103KB

.bomex Size: 4KB - Virtual size: 28KB

.text
Size: 292KB - Virtual size: 291KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 103KB - Virtual size: 103KB

.bomex
Size: 4KB - Virtual size: 28KB