9b8c8af2c035f63f85a89f4237c37f5a

General

Target

9b8c8af2c035f63f85a89f4237c37f5a
Size

3.4MB
MD5

9b8c8af2c035f63f85a89f4237c37f5a
SHA1

698e9c4372dd8f40ca1497a24457335c07bf3c41
SHA256

507455be720c46a399bc511cec5ad7cc71be75135a2746fd7f029e3b1a236550
SHA512

87de0f0208d74e18efa1616aed8e40d30dccbfe01ed481acac741d11c9467ec50ea7855da69c4db401c374ab2bd80c092562f97a3a42590ae5d8494527dbab20
SSDEEP

98304:Z+hDD/KUGou/bG9e68toWrcCjXvlriB5g0qSgFObpk5kuo1NQfS:ZgDjKUGouCktoWrcCjXNrq5VQgpk5kuc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b8c8af2c035f63f85a89f4237c37f5a

Files

9b8c8af2c035f63f85a89f4237c37f5a
.exe windows:4 windows x86 arch:x86

af3f61933fbccce8710ccb18d7495e7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetModuleHandleW
QueryPerformanceCounter
GetTickCount
WideCharToMultiByte
LocalFree
DeleteCriticalSection
EnterCriticalSection
WriteFile
GetProcessHeap
GetModuleFileNameW
IsDebuggerPresent
FindClose
ReadFile
RaiseException
SetEvent
GetACP
FormatMessageW
GetFileType
GetModuleHandleA
InitializeCriticalSection
HeapReAlloc
TlsAlloc
HeapSetInformation
LoadLibraryExW
GetCPInfo
SetFilePointer
CompareStringW
GetStringTypeW
GetEnvironmentStringsW
SetStdHandle
FindNextFileW
DeleteFileW
GetConsoleCP
GetCommandLineA
ResetEvent
ReleaseMutex
CreateFileA
GetFileSize
GetModuleHandleExW
GetLocaleInfoW
CreateDirectoryW
GetFullPathNameW
LoadResource
GetExitCodeProcess
CreateProcessW

user32

TranslateMessage
LoadStringW
DispatchMessageW
DefWindowProcW
MessageBoxW
PostQuitMessage
CreateWindowExW
GetMessageW
GetDlgItem
GetSystemMetrics
GetDC
SendMessageW
GetClientRect
EnableWindow
IsWindow
GetParent
SetWindowTextW
PeekMessageW
ScreenToClient
KillTimer
InvalidateRect
EnableMenuItem
GetWindowTextW
UpdateWindow
SystemParametersInfoW
GetKeyState
MessageBoxA

Sections

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af3f61933fbccce8710ccb18d7495e7a

Headers

File Characteristics

Imports

kernel32

user32

Sections

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data Size: - Virtual size: 612KB

.idata Size: 2KB - Virtual size: 1KB

.text Size: 6KB - Virtual size: 6KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB