9c0b4965973507870b8e97f1d4945a38

Sharing

Copy URL Twitter E-mail

General

Target

9c0b4965973507870b8e97f1d4945a38
Size

620KB
MD5

9c0b4965973507870b8e97f1d4945a38
SHA1

432fafa29209430ebb5ea3452fcf14e8df435d55
SHA256

d500cc12d66775e20261d27ef437da178fac874291595ab99d1b06925b486d11
SHA512

8d4d9e946728f42b23598828ade047e4899448925ba992b547d6dd48c51bff31d250501eeaf78d562853af19920afceb2390d2fc40cc387e17fcae0a361163ce
SSDEEP

12288:oryAVAJIEf85NmcNzhJX7SCMmR0X43EEHMAXQYTwnVthRNbGIKmx/:LuAJBELvhJXedn6Rw1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c0b4965973507870b8e97f1d4945a38

Files

9c0b4965973507870b8e97f1d4945a38
.exe windows:4 windows x86 arch:x86

8f7d4587bd7b6f0dc55ef193dac7a0de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowPos
ShowWindow
RealChildWindowFromPoint
CallMsgFilter
CreateDialogParamA
GetShellWindow
LoadCursorFromFileW
GetClipboardViewer
ReleaseCapture
DefWindowProcA
DlgDirListComboBoxA
GetKeyboardLayoutNameW
OemToCharBuffW
OpenClipboard
CharLowerA
GetSysColor
GetUpdateRect
PostMessageA
BeginDeferWindowPos
CharNextA
DdeInitializeA
DestroyWindow
TrackPopupMenuEx
LoadCursorA
OpenDesktopW
SetClassWord
DestroyCaret
CharNextW
GetAsyncKeyState
CreateWindowExW
CharUpperA
DdeAbandonTransaction
InflateRect
DdeSetQualityOfService
ChangeDisplaySettingsExW
GetClipboardData
GrayStringA
IsDialogMessageA
GetClientRect
WindowFromPoint
CreateDialogParamW
EndDialog
GetClipboardFormatNameA
LoadBitmapA
RemoveMenu
GetScrollBarInfo
InsertMenuItemW
EnableWindow
RegisterClipboardFormatW
DdeQueryConvInfo
RegisterClassA
SetCursor
SetWindowsHookExA
GetClassLongA
RegisterClassExA
DdeConnect
GetKeyboardLayoutNameA
EnumPropsA
IsIconic
IsCharUpperA
GetNextDlgTabItem
CopyIcon
CallMsgFilterA
OemToCharBuffA
DrawIconEx
ExcludeUpdateRgn
LoadKeyboardLayoutW
DdeDisconnectList
GetDCEx
MapWindowPoints
SetActiveWindow
MessageBoxA
CheckRadioButton
DestroyMenu
DeferWindowPos
DefDlgProcA
AppendMenuA
DdeInitializeW
AppendMenuW
TrackPopupMenu
IsZoomed
MonitorFromWindow
ShowWindowAsync
FrameRect
LoadMenuA
PtInRect
SetMenuItemBitmaps
MessageBoxExA
TileWindows
CharPrevExA
GetIconInfo
UnregisterClassW
GetPriorityClipboardFormat
GetMenuStringA
RegisterWindowMessageA
UnregisterDeviceNotification

comctl32

ImageList_ReplaceIcon
ImageList_SetOverlayImage
DrawStatusText
ImageList_SetImageCount
ImageList_DragEnter
DrawStatusTextA
ImageList_SetDragCursorImage
CreateStatusWindowA
DrawStatusTextW
CreateStatusWindow
ImageList_Duplicate
ImageList_GetFlags
_TrackMouseEvent
ImageList_LoadImageA
ImageList_GetImageRect
MakeDragList
CreatePropertySheetPageW
ImageList_GetDragImage
DrawInsert
ImageList_DragMove
ImageList_Draw
ImageList_DrawEx
InitCommonControlsEx
ImageList_Add

advapi32

ReportEventW
RegSetValueExW
LookupPrivilegeValueW
StartServiceA
RegRestoreKeyW
AbortSystemShutdownA
RegCreateKeyExW
CryptReleaseContext
LookupSecurityDescriptorPartsA
CryptGetUserKey
CryptHashData
CryptVerifySignatureW
RegOpenKeyW
LookupPrivilegeDisplayNameA

comdlg32

GetFileTitleA
GetSaveFileNameA
GetSaveFileNameW
ChooseFontA

wininet

CommitUrlCacheEntryA
InternetDialW
InternetConnectW
SetUrlCacheConfigInfoA
FindNextUrlCacheEntryA
InternetGetCookieA
HttpCheckDavCompliance
SetUrlCacheEntryGroupA
InternetSetDialState

shell32

DoEnvironmentSubstA

kernel32

SetConsoleCtrlHandler
InitializeCriticalSection
GetFileAttributesW
HeapReAlloc
GetEnvironmentStringsA
IsValidLocale
LoadResource
GetStringTypeW
VirtualProtect
VirtualAlloc
CloseHandle
OpenWaitableTimerA
WaitCommEvent
GetModuleHandleA
lstrcpynW
GetFileType
GetProfileSectionW
VirtualQuery
GetEnvironmentStringsW
GetOEMCP
GetCurrentThreadId
TlsGetValue
GetShortPathNameA
GetNamedPipeHandleStateA
HeapSize
HeapDestroy
QueryPerformanceCounter
FreeEnvironmentStringsW
ReadFile
GetCPInfo
GetConsoleMode
GetUserDefaultLCID
SetStdHandle
GetCurrentProcessId
MultiByteToWideChar
HeapFree
GetModuleFileNameW
TlsSetValue
SetConsoleCursorPosition
GetLocaleInfoA
GetStartupInfoW
GetCompressedFileSizeA
InterlockedIncrement
FreeEnvironmentStringsA
VirtualLock
GetThreadLocale
SetFilePointer
LeaveCriticalSection
lstrcatW
GetCommandLineW
GetStartupInfoA
FreeResource
GetConsoleOutputCP
TerminateProcess
GetTimeZoneInformation
GetVersionExA
ReadConsoleA
IsValidCodePage
FoldStringA
OpenEventW
lstrcat
InterlockedExchange
ExitProcess
Sleep
LocalShrink
EnterCriticalSection
GetPrivateProfileSectionNamesA
IsDebuggerPresent
ExitThread
VirtualFree
CompareStringW
SetLastError
SetEnvironmentVariableA
WideCharToMultiByte
GetEnvironmentVariableA
CreateSemaphoreW
GetStdHandle
DeleteFileA
CreateFileA
SetConsoleCP
GetDateFormatA
CompareStringA
SetLocalTime
GetCurrentProcess
GetTickCount
HeapCreate
ReadConsoleOutputAttribute
LoadLibraryA
WriteConsoleW
AllocConsole
InterlockedDecrement
CreateMutexA
DeleteCriticalSection
GetLastError
GetCurrentThread
LCMapStringA
GetCommandLineA
WriteFile
OpenMutexA
GetTimeFormatA
GetStringTypeA
SetHandleCount
GetThreadSelectorEntry
TlsAlloc
GetModuleFileNameA
GetSystemTimeAsFileTime
DosDateTimeToFileTime
EnumCalendarInfoW
GetLocaleInfoW
AddAtomA
SetFileTime
EnumSystemLocalesA
GetFileTime
GetConsoleCP
FreeLibrary
LCMapStringW
FlushConsoleInputBuffer
WriteConsoleA
GetProcAddress
GetEnvironmentStrings
UnhandledExceptionFilter
TlsFree
MapViewOfFileEx
RtlUnwind
lstrlenW
OpenFileMappingA
GetACP
SetUnhandledExceptionFilter
FlushFileBuffers
lstrcmpi
OpenFile
GetProcessHeap
HeapAlloc

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f7d4587bd7b6f0dc55ef193dac7a0de

Headers

File Characteristics

Imports

user32

comctl32

advapi32

comdlg32

wininet

shell32

kernel32

Sections

.text Size: 216KB - Virtual size: 213KB

.rdata Size: 252KB - Virtual size: 248KB

.data Size: 116KB - Virtual size: 139KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 216KB - Virtual size: 213KB

.rdata
Size: 252KB - Virtual size: 248KB

.data
Size: 116KB - Virtual size: 139KB

.rsrc
Size: 32KB - Virtual size: 30KB