9bfc0500b8b2ec8c7b97f84c13702b90

Sharing

Copy URL Twitter E-mail

General

Target

9bfc0500b8b2ec8c7b97f84c13702b90
Size

192KB
MD5

9bfc0500b8b2ec8c7b97f84c13702b90
SHA1

5e512e817288d6409f0b9392e441162c2a07bb9c
SHA256

8045d08226bf824a02be709fef25f96fcc270cebea263d1925aa8a38e1193f5e
SHA512

b43c04b3a0117bfeab5d78f6df130815fc4e9575de9aa707151216794709585f8b6fdd35c189d3227e8b824df30e49f92541f793f5314616184f8c5ce4aa3bcc
SSDEEP

3072:HCOikW9cwvO59l3dkj8/JzQWrTEMHhnKbNSv8otkLs6gzWrnCsR653U+9X7SkXJP:HbkmJzzobIvZtr66Wrn/RyEi7N5P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9bfc0500b8b2ec8c7b97f84c13702b90

Files

9bfc0500b8b2ec8c7b97f84c13702b90
.dll windows:4 windows x86 arch:x86

0c72504ef54752b09be0cbe574e3278a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ClientToScreen
GetWindowTextA
PtInRect
CharToOemA
SetScrollPos
EmptyClipboard
GetScrollRange
GetScrollInfo
IsWindowEnabled
GetWindowThreadProcessId
GetSysColorBrush
SetScrollInfo
GetCursorPos
RegisterClassA
SetRect
GetKeyboardLayoutNameA
ActivateKeyboardLayout
GetMenuItemInfoA
DestroyMenu
CreatePopupMenu
FillRect
TranslateMessage
GetMenu
ReleaseCapture
OemToCharA
DefMDIChildProcA
ReleaseDC
IsDialogMessageA
OpenIcon
SetTimer
RemoveMenu
IsIconic
MessageBoxA
LoadBitmapA
GetClassInfoA
wsprintfA
DrawTextA
GetClassNameA
GetDC
UnregisterClassA
EnableMenuItem
DrawIconEx
CharNextW
GetDesktopWindow
GetWindowLongA
GetScrollPos
CharLowerBuffA
PostQuitMessage
GetMenuItemCount
GetSysColor
GetKeyNameTextA
GetFocus
CharLowerA
LoadCursorA
UnhookWindowsHookEx
CheckMenuItem
SendMessageW
SetActiveWindow
GetTopWindow
IsMenu
SystemParametersInfoA
IsDlgButtonChecked
DrawFrameControl
IntersectRect

kernel32

FormatMessageA
SetThreadLocale
GetStdHandle
IsBadReadPtr
GetProcessHeap
GetCurrentThreadId
SetFilePointer
VirtualQuery
GlobalDeleteAtom
LoadLibraryExA
GlobalAlloc
FindFirstFileA
SizeofResource
VirtualAlloc
LocalAlloc
ResetEvent
VirtualFree
ExitProcess
EnterCriticalSection
GetVersionExA
lstrlenA
SetLastError
LoadLibraryA
lstrcmpiA

gdi32

GetTextAlign
GetTextColor
GetDCOrgEx

comctl32

ImageList_DragShowNolock
ImageList_Add
ImageList_Read
ImageList_Destroy
ImageList_Remove
ImageList_Create
ImageList_DrawEx
ImageList_GetBkColor
ImageList_Write

Exports

Exports

_voiJYglKZ
AYhqKuk
_0MqcFSs
_farmU
vz0gp
1XdT8lnZWjRcU@20
_3dwSgLwsgMTjM@12
hNytbFdm7
7BPmW@20
_Pmk1FY9cw6fy79@12
oscxSUUkk

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.badata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c72504ef54752b09be0cbe574e3278a

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 9KB - Virtual size: 141KB

.data Size: 148KB - Virtual size: 148KB

.edata Size: 2KB - Virtual size: 2KB

.badata Size: 1KB - Virtual size: 1KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 9KB - Virtual size: 141KB

.data
Size: 148KB - Virtual size: 148KB

.edata
Size: 2KB - Virtual size: 2KB

.badata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 1KB