9c62bc1a4bda63072c05139ad471e3de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9c62bc1a4bda63072c05139ad471e3de
Size

18KB
MD5

9c62bc1a4bda63072c05139ad471e3de
SHA1

e9252a20920d677552e61c62736a88a23db94ab6
SHA256

92ea621e1c241a9cefe198fbb027f8f45b0a98ec69d6b01f95dd07125c1fe6b4
SHA512

830507b4af2d5f58d0bc5aef43c62abeaaf19516e9009383ff29728db9622b8b70a0c922986943a8aee84a51d22bad73a94a334e2a53a5cec05152b2e8d45cdd
SSDEEP

192:PQdJdjRn8LhUR6vqPW7UE+4hOwsie8mBhohTvw/DMFK07lVJTa0qtHWx:Kh8JqPW7UEORiDUhNSlVla0zx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c62bc1a4bda63072c05139ad471e3de

Files

9c62bc1a4bda63072c05139ad471e3de
.exe windows:4 windows x86 arch:x86

135d00693e9dffe7c0f18875084b2104

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
WaitForSingleObject
GlobalMemoryStatus
GetLogicalDrives
InterlockedExchange
GetStdHandle
GetTimeFormatA
CreateIoCompletionPort
GetCurrentProcessId
GetEnvironmentStringsA
GetProcessVersion
GetTapeStatus
LoadLibraryExA
GetProcessHeap
GetACP
VirtualProtect
HeapQueryInformation
HeapDestroy
GetCurrentThread
IsDebuggerPresent
HeapCreate

user32

FillRect
BeginPaint
FrameRect
DragDetect
GetClassNameA
GetWindowTextLengthA
GetDlgItem
GetWindow
GetParent
SetForegroundWindow
ShowWindow
SetActiveWindow
GetFocus
EndPaint
ReleaseDC
GetCursorPos
GetTitleBarInfo
wsprintfA
DrawTextA

advapi32

RegCreateKeyA
RegCloseKey
RegEnumKeyA
RegSetValueExA
RegFlushKey

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ