Static task: static1
Behavioral task: behavioral1
Sample: 9c2e9dba93b4a3ff7d1e6fb02878cc4c.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 9c2e9dba93b4a3ff7d1e6fb02878cc4c.exe
Resource: win10v2004-20231215-en
General
Target: 9c2e9dba93b4a3ff7d1e6fb02878cc4c
Size: 268KB
MD5: 9c2e9dba93b4a3ff7d1e6fb02878cc4c
SHA1: ddcd32d5918a1acfa6b7028a9a15d1a76d240719
SHA256: cf24af620c87bce75312f99c8ea0e296d049bef1b58dabbfe73681cf6364fd4c
SHA512: 5992156b7e593bf79a0c95a948f2d3202ae9974e72796b7b75f3cf78755ae6ede45ab7cf75cf56fe0ae7abaa5856f4087e5cc7944991088fa70779556cd386b6
SSDEEP: 6144:KnX5Rb19oqSaXrpNUpvIDLswFurXREwWfDK2UUEWXbsT+:iTbTqab7UpvSLswgrXewWZf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9c2e9dba93b4a3ff7d1e6fb02878cc4c
Files
9c2e9dba93b4a3ff7d1e6fb02878cc4c.exe windows:4 windows x86 arch:x86
67d668b9d90f8313fc7babc1480a0add
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleaut32
SysFreeString
SafeArrayPutElement
SysStringLen
SysAllocStringLen
SafeArrayGetElement
SafeArrayCreate
LoadTypeLi
VariantChangeType
SafeArrayRedim
shell32
ExtractIconA
FindExecutableW
ShellExecuteA
kernel32
GetOverlappedResult
PeekNamedPipe
_lclose
SetEnvironmentVariableW
IsValidLocale
ReleaseSemaphore
GetSystemInfo
ReadFileScatter
GlobalFindAtomW
WritePrivateProfileStructA
FreeLibraryAndExitThread
LoadLibraryExA
GetTapeParameters
SetCommTimeouts
EnumCalendarInfoW
GlobalDeleteAtom
EnumDateFormatsW
CopyFileExW
SetCommMask
IsDBCSLeadByteEx
FindFirstFileA
SetConsoleWindowInfo
CreateNamedPipeW
VirtualLock
CreateFileW
GetDiskFreeSpaceW
FreeLibrary
SetErrorMode
GetEnvironmentStringsW
FillConsoleOutputCharacterA
CompareStringA
GetACP
RemoveDirectoryA
GlobalUnlock
FatalAppExitA
LoadLibraryExW
FindResourceExA
LocalSize
FindResourceExW
LocalLock
GetSystemDefaultLangID
FlushConsoleInputBuffer
GetCurrentProcess
GetBinaryTypeA
lstrcpyA
WritePrivateProfileStringW
_llseek
GetFileType
DeleteFiber
FindFirstFileW
GetProcessHeap
GetHandleInformation
GlobalFlags
SetConsoleActiveScreenBuffer
GetSystemTime
lstrcmpA
FindCloseChangeNotification
GetLongPathNameA
GetSystemTimeAdjustment
GetThreadPriority
GetProcessTimes
GetSystemTimeAsFileTime
GetVersion
ExitProcess
IsBadReadPtr
SetHandleCount
EraseTape
_lopen
GetProfileStringA
lstrlenA
VirtualAlloc
DebugBreak
GetModuleHandleA
GetStartupInfoA
CreateEventA
advapi32
CryptAcquireContextW
RegSetValueA
RegDeleteKeyW
RevertToSelf
DeleteAce
CryptAcquireContextA
SetThreadToken
RegUnLoadKeyA
GetSecurityDescriptorOwner
CryptSetKeyParam
StartServiceCtrlDispatcherA
AddAccessAllowedAce
user32
WaitForInputIdle
GetInputState
GetAncestor
DefDlgProcW
RedrawWindow
BroadcastSystemMessageA
GetSysColor
CreateDesktopW
CharLowerA
PostMessageA
CreateMDIWindowW
ExitWindowsEx
VkKeyScanA
WindowFromPoint
ole32
OleFlushClipboard
OleBuildVersion
CoImpersonateClient
RevokeDragDrop
CoGetInterfaceAndReleaseStream
CoGetObject
OleRegGetUserType
CreateStreamOnHGlobal
CoMarshalInterface
comctl32
ImageList_DrawIndirect
gdi32
CreateDIBitmap
CreateRoundRectRgn
CreateSolidBrush
version
VerInstallFileA
ws2_32
htonl
WSASetLastError
WSARecvFrom
WSALookupServiceBeginA
WSAAsyncGetProtoByNumber
WSASocketW
accept
recv
WSAAccept
WSAInstallServiceClassW
select
gethostname
getservbyname
WSAIsBlocking
WSAAsyncGetServByPort
WSASetBlockingHook
ioctlsocket
WSAStringToAddressA
WSAAddressToStringW
msvcrt
_exit
exit
_mkdir
wcsncmp
asctime
puts
_sys_errlist
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_open
_getmbcp
_errno
atol
_wcsnicmp
_wcsdup
ftell
_mbslwr
_putws
Sections
.text Size: 196KB - Virtual size: 192KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE