9b814b2a1251be8eef12733f28abb57d

Sharing

Copy URL Twitter E-mail

General

Target

9b814b2a1251be8eef12733f28abb57d
Size

472KB
MD5

9b814b2a1251be8eef12733f28abb57d
SHA1

8f2bf18201047f8ca5b9a61958f389d7ea6bbe77
SHA256

bd1230b9bfbd8505a3be667a717a95b6ab044572332b552e5955729bcd349c82
SHA512

3538050b65963528fa726021dc6178aaff68c93ab3922a45038f90ca0676c74a9ebcbb68956066dea59ed98b286f374903e92c17494b9915ae61cc4114cf2580
SSDEEP

12288:vki5JZhKOyIcesfVu3b20xTVP0rGsl9WUeiJlI7OFqmGZxUYAbRt8wtRRq71YBWj:vPfZhKOyYrIlqmOU/bRt8wtXf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b814b2a1251be8eef12733f28abb57d

Files

9b814b2a1251be8eef12733f28abb57d
.exe windows:4 windows x86 arch:x86

c41e0b41549f6205412ab74e8328450d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
inet_ntoa
inet_addr
select
sendto
closesocket
setsockopt
WSAStartup
WSACleanup
WSASocketA
WSAGetLastError
gethostbyname

kernel32

CreateProcessA
FormatMessageA
DeviceIoControl
GetDiskFreeSpaceA
GetVersion
GetSystemInfo
lstrcmpiA
GetCurrentProcessId
GetLongPathNameA
SuspendThread
ResumeThread
ExitProcess
InterlockedDecrement
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
SetEndOfFile
GetStdHandle
GlobalDeleteAtom
SetStdHandle
GetOEMCP
GetLocalTime
FileTimeToLocalFileTime
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
RaiseException
GetSystemTime
GetWindowsDirectoryA
GetFileType
MultiByteToWideChar
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
RtlUnwind
TerminateProcess
SetLocalTime
FindResourceA
LoadResource
FileTimeToSystemTime
SetFilePointer
MoveFileA
ExitThread
CreateThread
SetThreadPriority
LockResource
GetDriveTypeA
FreeLibrary
GetFileInformationByHandle
GetCPInfo
GlobalGetAtomNameA
GetVersionExA
WinExec
GetVolumeInformationA
WideCharToMultiByte
GetLogicalDrives
SetHandleCount
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCurrentProcess
GetLastError
SetFileTime
CreateDirectoryA
OpenFile
WaitForSingleObject
ResetEvent
SetEvent
GetTickCount
CreateFileA
WriteFile
CloseHandle
MulDiv
GlobalAlloc
HeapDestroy
HeapCreate
VirtualFree
FlushFileBuffers
VirtualAlloc
IsBadWritePtr
GlobalLock
lstrcpyA
lstrlenA
GlobalUnlock
GlobalFree
GetModuleFileNameA
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CreateEventA
LocalSize
LocalFree
LocalAlloc
ReadFile
GetModuleHandleA
SetFileAttributesA
GetSystemDefaultLangID
GetPrivateProfileStringA
GetSystemDirectoryA
ExpandEnvironmentStringsA
FindNextFileA
RemoveDirectoryA
FindFirstFileA
FindClose
Sleep
GetFileSize
WritePrivateProfileStringA
OutputDebugStringA
CopyFileA
DeleteFileA
OpenProcess
GetComputerNameA
LoadLibraryA
GetTimeZoneInformation
GetProcAddress
CompareStringW
GetACP
UnhandledExceptionFilter

user32

CharLowerBuffA
GetSysColor
CheckMenuRadioItem
CheckMenuItem
EnableMenuItem
IsWindow
GetWindowLongA
GetSubMenu
PeekMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
GetMenuState
EnableWindow
SetDlgItemInt
SetCapture
ReleaseCapture
DialogBoxParamA
GetDlgItem
BeginPaint
EndPaint
CreateDialogParamA
UpdateWindow
ScreenToClient
CreatePopupMenu
AppendMenuA
IsWindowEnabled
ShowCursor
TranslateAcceleratorA
IsDialogMessageA
GetMessageA
LoadAcceleratorsA
LoadMenuA
PostQuitMessage
SetForegroundWindow
TrackPopupMenu
DestroyMenu
SetWindowTextA
LoadIconA
DestroyWindow
SetWindowLongA
GetActiveWindow
SetFocus
IsIconic
MessageBoxA
LoadCursorA
SetCursor
EnumDisplaySettingsA
LoadBitmapA
ShowWindow
LoadStringA
GetAsyncKeyState
CallWindowProcA
SetWindowPos
GetClientRect
MoveWindow
PostMessageA
GetSystemMetrics
GetForegroundWindow
GetParent
GetWindowThreadProcessId
GetWindowTextA
IsWindowVisible
GetWindowRect
SetTimer
GetCursorPos
KillTimer
DefWindowProcA
wsprintfA
FindWindowA
SendMessageA
RegisterClassA
CreateWindowExA
EndDialog
GetWindow
GetDC
ReleaseDC
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
WinHelpA
ExitWindowsEx

gdi32

CreatePatternBrush
Rectangle
SetBkColor
SetTextColor
CreatePen
MoveToEx
ExtTextOutA
CreateHatchBrush
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject
DeleteObject
GetDeviceCaps
CreateFontA
GetTextExtentPointA
SetBkMode
SetDIBitsToDevice
RealizePalette
SelectPalette
UnrealizeObject
CreatePalette
CreateDIBSection
CreateSolidBrush

advapi32

ControlService
RegEnumKeyExA
RegDeleteKeyA
OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
QueryServiceStatus
StartServiceA
CloseServiceHandle
CreateServiceA
OpenServiceA
OpenSCManagerA
RegOpenKeyA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
AllocateAndInitializeSid
GetUserNameA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
FreeSid

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoSetProxyBlanket
CoCreateGuid

oleaut32

SysAllocString
SysFreeString
VariantClear

comctl32

ord6
ord17
PropertySheetA
ImageList_Create
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
CreateToolbarEx

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

rpcrt4

UuidToStringA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA

hudcomm

ord2

huft

ord2

hufwalk

ord2

hulib

ord4

hulog

ord2

huregn

ord2

huuacnt

ord2

huui

ord3
ord4
ord2

huinven

ord2

huncomm

ord2

Sections

.text
Size: 376KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c41e0b41549f6205412ab74e8328450d

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

version

rpcrt4

setupapi

hudcomm

huft

hufwalk

hulib

hulog

huregn

huuacnt

huui

huinven

huncomm

Sections

.text Size: 376KB - Virtual size: 374KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 64KB - Virtual size: 140KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 376KB - Virtual size: 374KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 64KB - Virtual size: 140KB

.rsrc
Size: 8KB - Virtual size: 4KB