9c2255cf6753c7efd1ff4dfa97144e57

Sharing

Copy URL Twitter E-mail

General

Target

9c2255cf6753c7efd1ff4dfa97144e57
Size

76KB
MD5

9c2255cf6753c7efd1ff4dfa97144e57
SHA1

cb88f0ff0f7260b6e2b9369dea02c76bb9069ef0
SHA256

b2f6b3c66a0851503794de01771eea1bcb78b9d6dae3f04e112c947f82cc7929
SHA512

ee01ce738474b006ccea8122d4ddb1f1dca4660bf1a847829027b893f84ece75fe31ad16e7bbbd7b4f20c78fd2158a961c9b49a98059433f0ffc5a98ea13fcf7
SSDEEP

768:8v2fSrJ7BAJIpJHYZ/M5nfFFm0TJkTG9mzlhk2QRaVdSGuigWsHx1pUhjeVIo6QS:8vpiIpJ45MRT6TFzXkVGui/Cejpo6QoD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c2255cf6753c7efd1ff4dfa97144e57

Files

9c2255cf6753c7efd1ff4dfa97144e57
.exe windows:4 windows x86 arch:x86

c91a82f59d1b305905b416cf7dfe84d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

hprbutil

?GetDwordValue@CHPRBReg@@QAEJPBDPAK0@Z
??0CHPRBWinOS@@QAE@XZ
?IsWindows@CHPRBWinOS@@QBEHK@Z
??1CHPRBWinOS@@UAE@XZ
??0CHPRBReg@@QAE@XZ

kernel32

InterlockedIncrement
GetModuleFileNameA
GetCommandLineA
GetShortPathNameA
SizeofResource
LoadResource
FindResourceA
FreeLibrary
GetCurrentThreadId
lstrcmpiA
IsDBCSLeadByte
GetProcAddress
LoadLibraryA
lstrcatA
GetCurrentProcess
GetCurrentThread
CreateSemaphoreA
GetCurrentProcessId
ReleaseSemaphore
InterlockedCompareExchange
InterlockedExchange
InterlockedDecrement
lstrcpyA
EnterCriticalSection
SetEvent
LeaveCriticalSection
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
WaitForMultipleObjects
WaitForSingleObject
ReleaseMutex
CloseHandle
SignalObjectAndWait
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
CreateMutexA
CreateThread
lstrcpynA
GetLastError
LoadLibraryExA
LCMapStringA
IsBadWritePtr
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetFilePointer
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
HeapSize
TerminateProcess
GetOEMCP
VirtualAlloc
GetCPInfo
ExitProcess
GetACP
GetStartupInfoA
GetModuleHandleA
GetVersion
UnhandledExceptionFilter
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc

user32

DispatchMessageA
PostThreadMessageA
GetMessageA
CharNextA
MessageBoxA
LoadStringA

advapi32

InitializeSecurityDescriptor
RegCreateKeyExA
RegQueryInfoKeyA
GetTokenInformation
OpenThreadToken
RegEnumKeyExA
StartServiceCtrlDispatcherA
ControlService
DeleteService
CreateServiceA
RegDeleteValueA
RegSetValueExA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumValueA
SetSecurityDescriptorDacl
CopySid
GetLengthSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
RegDeleteKeyA
OpenProcessToken

ole32

CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoInitializeSecurity
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize

oleaut32

VarUI4FromStr
LoadRegTypeLi
RegisterTypeLi
SafeArrayGetUBound
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SysFreeString
VariantClear
VariantInit
SysAllocString
VariantCopyInd
VariantChangeType
SysStringLen
SysStringByteLen
LoadTypeLi

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KAO
Size: 613B - Virtual size: 613B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c91a82f59d1b305905b416cf7dfe84d7

Headers

File Characteristics

Imports

hprbutil

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 8KB - Virtual size: 4KB

.KAO Size: 613B - Virtual size: 613B

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 8KB - Virtual size: 4KB

.KAO
Size: 613B - Virtual size: 613B