9ba843d01136559fdeb6f4ef68c2b4ee

Sharing

Copy URL

Twitter E-mail

General

Target

9ba843d01136559fdeb6f4ef68c2b4ee
Size

150KB
MD5

9ba843d01136559fdeb6f4ef68c2b4ee
SHA1

bc94993d99c2a59cb0a683c242a527c000e8ada6
SHA256

d31ea29be320d29ae26e39c4cb1d36e54884a4793a101714576bee1600286113
SHA512

40a9ca040a8aeaf88e53542529ad02e31cd4904b999a6da9d69293455dc09ea3c605c97a4ddded8d6629394f77d96f467262563987275dc7c88cc91b6901d4db
SSDEEP

3072:tjsVAn3MtZIc6YiUhDkBpGUu0LAMdRz/ACf8pPpP04XxUpCbbdds:tj7M7OuDkBfu0EMX/ACEp59Pr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ba843d01136559fdeb6f4ef68c2b4ee

Files

9ba843d01136559fdeb6f4ef68c2b4ee
.exe windows:5 windows x86 arch:x86

349a1bea027c31bffb20b1a5d43d1b91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\vuNqtmtffnowMU\nmUhmaaVmfOax\vKtzmHsthlg\MopyWxk\rCinrzoetBGXIj.pdb

Imports

msvcrt

_controlfp
wcstok
system
__set_app_type
wcslen
__p__fmode
getenv
__p__commode
setvbuf
_amsg_exit
_initterm
_acmdln
exit
wcsrchr
putchar
_ismbblead
_XcptFilter
_exit
wcscat
_cexit
iswctype
wcspbrk
__setusermatherr
__getmainargs
remove
fgetc

user32

GetDoubleClickTime
GetLastActivePopup
GetWindowLongW
GetDlgItem
DestroyCaret
OffsetRect
AdjustWindowRect
SetUserObjectInformationW
CharNextA
DrawFrameControl
DragObject
FindWindowExA
InsertMenuItemW
SetMenuItemBitmaps
wvsprintfW
CharLowerA
GetKeyNameTextW
GetKeyboardType
GetIconInfo
IntersectRect
ShowCursor
SetTimer
CharLowerBuffW
SetMenuDefaultItem
FindWindowW
MapDialogRect
GetScrollInfo
GetMenuStringA
CreateCaret
DialogBoxParamA
FillRect
WaitMessage
FindWindowA
MessageBoxW
RegisterClassExW
GetClassNameW
EndPaint
MapVirtualKeyA
CopyImage
GetWindow
InSendMessageEx
AppendMenuW
GetPropW

gdi32

GetTextExtentPoint32A
CreatePolygonRgn
DeleteObject
EnumFontFamiliesW
StartDocW
ExtTextOutA
GetDIBColorTable
GetStockObject
GetTextFaceW
SetWindowExtEx
FillRgn
Rectangle
PtVisible
GetDIBits
SaveDC
WidenPath
TextOutW

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_Create
ImageList_GetIconSize
ImageList_Remove

comdlg32

ChooseFontW
PrintDlgExW

shlwapi

StrNCatA

kernel32

LeaveCriticalSection
MulDiv
MoveFileA
SetLastError
OpenFileMappingW
GetHandleInformation
GlobalFree
SearchPathW
GetSystemDefaultLangID
lstrcatA
GetShortPathNameA
CompareStringW
GlobalGetAtomNameW
GetSystemWindowsDirectoryW
GlobalLock
GlobalHandle
GetCurrentDirectoryA
GetAtomNameA
SetThreadExecutionState
GetComputerNameExA

Exports

Exports

?FindHeader@@YGJPAN*Z
?HideMutexEx@@YGXKPAGFPAE*Z
?GetStringNew@@YGXKPAJPAN*Z
?HideCommandLine@@YGPAFD*Z
?KillMediaTypeExA@@YGND*Z
?RectW@@YGFPAIPAK*Z
?AddProcessW@@YGDEPADPAJJ*Z
?AddFolderPathExW@@YGF_NFH*Z
?DecrementDirectoryNew@@YGXID*Z
?ValidateListEx@@YGJPAFN*Z
?GlobalFileOld@@YGPAFJ_NE*Z
?DecrementScreenNew@@YGKGMMK*Z
?InvalidateComponentEx@@YGPA_NEF*Z
?InvalidateDirectoryExA@@YGPA_N_N*Z
?CancelMutexOld@@YGPAKD*Z
?InstallClassNew@@YG_NPA_NFFPA_N*Z
?InstallComponentEx@@YGNNGEPAF*Z
?RtlWidthOriginal@@YGPAFI*Z
?CopyFolderPath@@YGMIPAK*Z
?HideSection@@YGDE*Z
?AddListW@@YGFNGI*Z
?IsOption@@YGXE_NGN*Z
?IsKeyNameExW@@YGPAXMPAKNF*Z
?SetDialogOld@@YGPAEJKPAIH*Z

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idir
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edir
Size: 1024B - Virtual size: 975B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdir
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

349a1bea027c31bffb20b1a5d43d1b91

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

gdi32

comctl32

comdlg32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 121KB - Virtual size: 120KB

.itext Size: 512B - Virtual size: 484B

.idir Size: 2KB - Virtual size: 2KB

.edir Size: 1024B - Virtual size: 975B

.data Size: 2KB - Virtual size: 174KB

.vdir Size: 512B - Virtual size: 140B

.pdir Size: 512B - Virtual size: 140B

.sdir Size: 14KB - Virtual size: 13KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 121KB - Virtual size: 120KB

.itext
Size: 512B - Virtual size: 484B

.idir
Size: 2KB - Virtual size: 2KB

.edir
Size: 1024B - Virtual size: 975B

.data
Size: 2KB - Virtual size: 174KB

.vdir
Size: 512B - Virtual size: 140B

.pdir
Size: 512B - Virtual size: 140B

.sdir
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB