9b96505e61b76455c9347d3c648fc654

Sharing

Copy URL Twitter E-mail

General

Target

9b96505e61b76455c9347d3c648fc654
Size

179KB
MD5

9b96505e61b76455c9347d3c648fc654
SHA1

c883154150516ecae2797b4c44089a2376cad209
SHA256

b63377fc08bdcc93dc72bcc8c5b7bf170727186f44460b293c182309152ed246
SHA512

681e0a45a36bdcf28b8cc749901e806bd0295434a5e3bb29670f530954f55adbac52a2c3e1d8e482f69f7740750372dfe4da60a6dc08984461a77a06d4fb2d11
SSDEEP

3072:FNYawyd3CLJEb6oY0Rec9emfHalyUc9HpnnFDaswqFtcwEVWzauNjbi:4xycM40PemCY9pnFDa2eWzauh+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b96505e61b76455c9347d3c648fc654

Files

9b96505e61b76455c9347d3c648fc654
.exe windows:4 windows x86 arch:x86

33fc336b7dd5a5e32b6f9bfa19ce644d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

ole32

CoGetDefaultContext
CoInitialize
StringFromGUID2
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegSetValueExW
EncryptFileW
RegEnumKeyW
DecryptFileW
RegCloseKey

kernel32

GetCurrentDirectoryW
GetModuleHandleW
ReleaseMutex
ExitProcess
VirtualQuery
CreateFileMappingW
SetFileAttributesW
GetFileAttributesW
GetTickCount
GetCalendarInfoW
GetLastError
VirtualProtect
InterlockedCompareExchange
LocalFree
QueryPerformanceCounter
EnterCriticalSection
DuplicateHandle
OutputDebugStringW
EncodePointer
lstrcmpiW
GetProcessId
InterlockedExchange
MapViewOfFile
SearchPathW
OpenProcess
IsWow64Process
GetSystemTimeAsFileTime
WideCharToMultiByte
CreateDirectoryW
FindNextFileW
GetProcAddress
SetEnvironmentVariableW
GetCurrentThreadId
OutputDebugStringA
EnumResourceNamesA
lstrlenW
GetCurrentProcess
WaitForSingleObject
LoadLibraryW
GetModuleHandleA
GetModuleFileNameW
LocalAlloc
GetFileSizeEx
InitializeCriticalSection
FindClose
SetLastError
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MultiByteToWideChar
GetLogicalDriveStringsW
UnmapViewOfFile
GetFileInformationByHandle
QueryDosDeviceW
FindFirstFileW
Sleep
CreateMutexW

user32

GetClassNameW
AllowSetForegroundWindow
GetWindowThreadProcessId
GetPropW
GetGUIThreadInfo
GetForegroundWindow

shlwapi

SHRegGetValueW
PathGetArgsW
StrDupW
PathSkipRootW
PathIsUNCW
PathFindFileNameW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33fc336b7dd5a5e32b6f9bfa19ce644d

Headers

File Characteristics

Imports

gdiplus

ole32

advapi32

kernel32

user32

shlwapi

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 73KB - Virtual size: 72KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 73KB - Virtual size: 72KB

.edata
Size: 1024B - Virtual size: 240KB