9c2b8ccfc8403ae5f7158da9998b481f

General

Target

9c2b8ccfc8403ae5f7158da9998b481f
Size

74KB
MD5

9c2b8ccfc8403ae5f7158da9998b481f
SHA1

b36a2a287df95f0f0f04bed338277748c72dce3b
SHA256

41fe30b68b47bbbf7483b59bf7f505d161fe0679e5a391ef34348042dbf17473
SHA512

fb8bbab5a928efa515853fbf5e3249574d7c0f27f503bc57e159ae3359e19fcff858c30fba0b7a523c6eced5fd90d817ceab36fcbda36756a58e8866ba48e9b0
SSDEEP

1536:Xunczq+5hRpfvL7I7JJ19ZMjOGYXTJVmWmhpvSRCV7b4NcAGKJG:Xg719Z5lbmWmhpvSR+f4NcAGK0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c2b8ccfc8403ae5f7158da9998b481f

Files

9c2b8ccfc8403ae5f7158da9998b481f
.exe windows:4 windows x86 arch:x86

d34fb6d96388671be3b6f97e0c476bc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strlen
fmod
fabs
ceil
malloc
floor
free
fclose
memcpy

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
TlsAlloc
HeapAlloc
TlsSetValue
GlobalAlloc
GlobalFree
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
HeapFree
HeapReAlloc

user32

CallWindowProcA
GetDC
ReleaseDC
DrawIconEx
FillRect
DestroyIcon

gdi32.dll..

GetDeviceCaps
SetTextColor
SetTextAlign
SetBkColor
SelectObject
CreateSolidBrush
DeleteObject
CreatePen
SetPixelV
Rectangle
RoundRect
Ellipse
GetStockObject
SetROP2
SetBkMode
GetObjectA
SelectPalette
RealizePalette
GetDIBits
GetObjectType
CreateCompatibleDC
SetStretchBltMode
StretchDIBits
BitBlt
StretchBlt
DeleteDC
MoveToEx
TextOutA
CreateFontIndirectA
GetPixel
ExtFloodFill
LineTo
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBSection
CreateBitmap
SetPixel

wsock32

closesocket
WSACleanup
WSAStartup

Sections

.code
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d34fb6d96388671be3b6f97e0c476bc6

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32.dll..

wsock32

Sections

.code Size: 11KB - Virtual size: 10KB

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 512B - Virtual size: 208B

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 4KB

.code
Size: 11KB - Virtual size: 10KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 512B - Virtual size: 208B

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 4KB