9b81055d2c41dec20f39f63440ac2f0a

Sharing

Copy URL

Twitter E-mail

General

Target

9b81055d2c41dec20f39f63440ac2f0a
Size

515KB
MD5

9b81055d2c41dec20f39f63440ac2f0a
SHA1

ca189e2a0010f8a459e4441ce5272bec9e5efde0
SHA256

6a667d26eb07abe02bee6cf6e390c95bea3943a1136dc08c9b43d6cd27df0f5c
SHA512

97438b9c79cafa0b47248d511388f99fc6daae603bd56751e97ff08577ede3c2cf528ead1bdb7a39709687650c3d4b47afb7eff49579f2c50de2802057601da4
SSDEEP

12288:G6fUTVNqN5r2IZyi8E18PZ3W5AoiP8o1bVC+ix7a72fxoRqJ:G6s7y5k08R1L9MLxVJNJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b81055d2c41dec20f39f63440ac2f0a

Files

9b81055d2c41dec20f39f63440ac2f0a
.exe windows:5 windows x86 arch:x86

f5202628667afd7c6d04063fb3731f23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt
SetBkColor
DeleteObject
GetDeviceCaps
DeleteDC
SetTextColor
CreateCompatibleDC
CreateSolidBrush
SetBkMode

advapi32

RegDeleteKeyA
RegCloseKey
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegCreateKeyExA
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegSetValueExA

oleaut32

SysAllocString
SysFreeString

ole32

CoUninitialize
CoCreateInstance

kernel32

VirtualAlloc
Sleep
VirtualFree
FindResourceW
HeapCreate
SizeofResource
InterlockedExchange
GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
CompareStringA
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentDirectoryA
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
CreateProcessW
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
RemoveDirectoryA
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindFirstFileW
CreateFileMappingA
ResetEvent
FindNextFileW
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
GetCPInfo
SetErrorMode
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
InterlockedIncrement
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
CreateEventW
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
TlsGetValue
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
LocalFree
GetOEMCP
SetFileAttributesA
GetStringTypeW
HeapReAlloc
SetStdHandle
WaitForSingleObject
WriteFile
GetSystemTimeAsFileTime
GetStringTypeA
WideCharToMultiByte
GetTempPathA
FreeEnvironmentStringsW
LoadLibraryExW
LocalAlloc
GetConsoleMode
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindNextFileA
GetDriveTypeA
SetEvent
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetEnvironmentVariableA
RtlUnwind

user32

PostQuitMessage
SetFocus
FillRect
SetCursor
CallWindowProcA
EnableMenuItem
InvalidateRect
IsWindowVisible
SystemParametersInfoA
GetSysColor
MessageBoxA
GetDesktopWindow
LoadCursorA
ScreenToClient
GetDlgItem
GetSubMenu
SetWindowLongA
PostMessageA
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
MapWindowPoints
SetTimer
GetWindowLongA
RegisterClassA
IsIconic
IsWindowEnabled
TranslateMessage
PeekMessageA
EnableWindow
ShowWindow
UpdateWindow
GetParent
GetMessageA
DestroyWindow
GetClientRect
SendMessageA
ReleaseDC
GetCursorPos
GetDC
ClientToScreen
IsWindow
SetWindowPos
LoadBitmapA

Sections

.text
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5202628667afd7c6d04063fb3731f23

Headers

File Characteristics

Imports

gdi32

advapi32

oleaut32

ole32

kernel32

user32

Sections

.text Size: 441KB - Virtual size: 440KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 33KB - Virtual size: 36KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 441KB - Virtual size: 440KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 33KB - Virtual size: 36KB

.rsrc
Size: 2KB - Virtual size: 1KB