9c679451d32ee4943bed9c57c858d9ca

General

Target

9c679451d32ee4943bed9c57c858d9ca
Size

21KB
MD5

9c679451d32ee4943bed9c57c858d9ca
SHA1

f4680a54e789ba12a24bfdeae6b41887e00881e0
SHA256

edac786b1df8aa1fefbbfde53e7f997de9adb59a0cb77963fcf73ba8c5d4cc2b
SHA512

7b72532ac2ba991327320cf85f9c9ab1bc7ee3bc1b0e08f0b1006ee878e6460b0d880bcc6842e2df31fad26ddc720bfddcfc9369ed980846a270083c9c987997
SSDEEP

384:u17jvXc4O7/fPj4VfQQINftYO6aGI/lNxWvYhykbXX5l:Evs4Ojfr4Vf/IDxGSBWQ4kbXX5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c679451d32ee4943bed9c57c858d9ca

Files

9c679451d32ee4943bed9c57c858d9ca
.exe windows:4 windows x86 arch:x86

f06aed6dfaa2c2671a3024c4f92ffbca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathW

gdi32

SetBkMode
SetViewportOrgEx
SetPaletteEntries
GetTextCharacterExtra
GetDIBits

kernel32

GetLocalTime
Sleep
GetEnvironmentStringsW
DefineDosDeviceA
GetCalendarInfoA
ReadConsoleOutputW
GetCurrentThreadId
VirtualFree
lstrcmpiW
GetStartupInfoW
GetModuleHandleA
CancelIo
GetModuleHandleW
lstrcmpA
lstrcmpiA
GetConsoleCursorInfo
lstrlenA
VirtualAlloc
lstrcmpW
ExitProcess
GlobalUnWire
lstrlenW
GetSystemTime

msvcrt

_wspawnve
_wcsnicmp
_ltoa
_adj_fptan
tolower
_ismbclower
_wspawnl
_scalb
_wtol
_wasctime
wcscpy
_mbsnextc
__p__iob
_j1
_mktemp
__CxxFrameHandler
_wexecvp
_wrename
_atoldbl
_flsbuf
strncpy

user32

GetWindowLongW
GetMenuItemID
GetClassNameA
CreateDesktopW
GetTabbedTextExtentW
SetMessageExtraInfo
ScreenToClient
DeferWindowPos

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.yxsua
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vni
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f06aed6dfaa2c2671a3024c4f92ffbca

Headers

File Characteristics

Imports

shell32

gdi32

kernel32

msvcrt

user32

Sections

.text Size: 3KB - Virtual size: 3KB

.yxsua Size: 12KB - Virtual size: 25KB

.vni Size: 4KB - Virtual size: 11KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 3KB

.yxsua
Size: 12KB - Virtual size: 25KB

.vni
Size: 4KB - Virtual size: 11KB

.reloc
Size: 1024B - Virtual size: 1KB