9b54ee825b0bccb1638179fcbb2cb76e

General

Target

9b54ee825b0bccb1638179fcbb2cb76e
Size

183KB
MD5

9b54ee825b0bccb1638179fcbb2cb76e
SHA1

7b3d848f25adce32178db3916d3e4c6df44d618e
SHA256

46f823d13e00c35f8ec680c8f8f41fa34774132239c4f2f516a0be9e1df33e3c
SHA512

143e7925f8843fba5e593374e67a2914708976176763b03d254c68af3b7b3097262874fe60b53f495bdf13e80dfff62084c3e6c64a82f3789df004bcedc12832
SSDEEP

3072:65R2wbo+wyYo9c8itN9dqLSnZS1V8Dwaxz0gNN77fft4h6xZpzxWhgDn:jY3wyYcdqNyLWZS1V+5NHffNxdWe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b54ee825b0bccb1638179fcbb2cb76e

Files

9b54ee825b0bccb1638179fcbb2cb76e
.exe windows:5 windows x86 arch:x86

b5f67af40322cc64c02ecba4d4ebec4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\wocfles\hhyOno\WUupk.pdb

Imports

gdi32

CreateRectRgn
Polygon
RoundRect
OffsetRgn
LPtoDP
SetTextColor
EndPage
SetAbortProc

user32

LoadCursorW
LoadStringA
PostMessageW
CreateAcceleratorTableW
WindowFromDC
InsertMenuItemW
UnloadKeyboardLayout
SetMenuDefaultItem
CallWindowProcA
MessageBoxA
keybd_event
wsprintfA
HiliteMenuItem

comdlg32

PrintDlgExW
CommDlgExtendedError

kernel32

GetModuleHandleW
TlsFree
LoadLibraryA
lstrlenW
SearchPathW
GlobalSize
ExitThread
lstrcmpW
GetProcAddress
GetOEMCP
GetTickCount
GetCurrentThreadId
CopyFileW
SleepEx

Exports

Exports

?rnbbiGpY@@YGPAXJPAG@Z
?jmVncTFwxomvchfgjYt@@YGEPAEH@Z
?byzctzy@@YGJ_N@Z
?gzAtoumpywpkvGiktfPp@@YGMPADE@Z
?kpBoyNjizkahxObk@@YGXEJ@Z
?vqhcuokijN@@YGPAFKI@Z
?etFhmdp@@YGKGPAN@Z

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 303B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5f67af40322cc64c02ecba4d4ebec4e

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 144KB - Virtual size: 144KB

.crt Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 303B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 144KB - Virtual size: 144KB

.crt
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 303B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB