9c42db28909f7208be6b3bfa8aa5799f

Sharing

Copy URL Twitter E-mail

General

Target

9c42db28909f7208be6b3bfa8aa5799f
Size

122KB
MD5

9c42db28909f7208be6b3bfa8aa5799f
SHA1

0dc744a894eeedb138c753c05d6d70665eebda8a
SHA256

e09e67475a29f78f322c34d4f02249e7bf0c1da02760c9cf6b77b9d5d4b73e59
SHA512

43776431a3c8873d7eb4552d03b58c425c7db3f94113596fcbfa3570224fcabf1348200cca576ca632702357e685288bcbd89a468e50cb8fc2afd9919a55bd32
SSDEEP

3072:hOAsLlDUwPeCPyRYA8VCHwB6aex9Z8JN2FF1KFNd3m8U/y1:hyxUMPyRxHX9uC1KFa8U/y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c42db28909f7208be6b3bfa8aa5799f

Files

9c42db28909f7208be6b3bfa8aa5799f
.dll windows:5 windows x86 arch:x86

feb3f29368e51824d2773b223517ea3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\hceubqzscmcHAc\xtjiWwEthrgi\iyOrrhmrzsidli\oMCoVGDlpTfyMG\axknUzfNbaszqspNytt\VyKbvxvdovBjAzkkm\OGvkwahPjhsdb.pdb

Imports

gdi32

SetBitmapDimensionEx
CreateCompatibleDC
EndDoc
Escape
GetWindowOrgEx
GetTextAlign
GetTextMetricsW
StretchDIBits
GetTextCharsetInfo
CreateICW
CreateHalftonePalette
GetPixel
RectVisible
CreateHatchBrush

kernel32

lstrcpyA
GetCompressedFileSizeW
FindResourceExW
GetModuleHandleW
GetSystemTimeAsFileTime
SetThreadExecutionState
lstrcatW
WinExec
SetThreadPriority
GetLastError
LocalLock
SetTimerQueueTimer
EnumResourceNamesW
FileTimeToDosDateTime
GlobalUnlock
VerifyVersionInfoW

shlwapi

StrChrW

user32

GetCaretPos
SendDlgItemMessageA
CharNextA
DrawTextW
SetMenuItemInfoW
GetKeyNameTextW
SetDlgItemInt
CloseDesktop
mouse_event
CreateDialogParamA
ChildWindowFromPointEx
SendMessageTimeoutW
SetScrollInfo
DrawTextExW
ActivateKeyboardLayout
EnumChildWindows
SetWindowLongW
RegisterHotKey
GetMessageExtraInfo
ChildWindowFromPoint
GetMenuStringW
GetClassLongA
AllowSetForegroundWindow
DrawFocusRect
TabbedTextOutW
DragObject
LoadIconA
GetDlgItemTextW

shell32

ord196
ord195

Exports

Exports

AlphaBlend
?DUIidJLdlukydILKDFyiuITFUf6utydyifdikgfgfdhgfd@@YGKEPA_WG@Z

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

feb3f29368e51824d2773b223517ea3d

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

shlwapi

user32

shell32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 28KB - Virtual size: 28KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 1KB - Virtual size: 141KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 28KB - Virtual size: 28KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 1KB - Virtual size: 141KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB