9ef9bddf86918a7458905a441643a8ad | Triage

Sharing

General

Target

9ef9bddf86918a7458905a441643a8ad
Size

1.3MB
MD5

9ef9bddf86918a7458905a441643a8ad
SHA1

416016254438b55e96f25a775ee53202fce790cf
SHA256

731cea3715ba1107c3ed9333a556736dc6d710f22de531bc4cbcb9af9b1a2f0e
SHA512

e44974106d2144238071957e0e9e3457f291e243febb71532e0b5ecae8dc759140d52950cd564e49b5f4c0f7c6987242ef176dba4664414eca0ce67735b1c625
SSDEEP

24576:fEpGAWfNaleWllK9Ua3IUhIMUB2CoHzvTzwsdksiYeOgPP6B:4jW8lzl0vIUhIM2GHEXYetP6B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ef9bddf86918a7458905a441643a8ad

Files

9ef9bddf86918a7458905a441643a8ad
.exe windows:6 windows x86 arch:x86

47a24eb087bd2cccbffba4143950f63a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetCandidateListCountW
ImmDestroyContext
ImmSetCompositionStringW
ImmSimulateHotKey
ImmGetContext
ImmSetHotKey

normaliz

IdnToUnicode

version

GetFileVersionInfoW

kernel32

VerLanguageNameA
GetConsoleWindow
LocaleNameToLCID
VirtualProtect
IsValidCodePage

loadperf

UnloadPerfCounterTextStringsW
UnloadPerfCounterTextStringsA

odbc32

ord38
ord247

mscms

CreateMultiProfileTransform
UninstallColorProfileA
CheckBitmapBits
ord1

mpr

WNetGetLastErrorA
WNetDisconnectDialog1A
WNetCancelConnectionW
WNetGetConnectionW
WNetGetUserW

user32

VkKeyScanA
ShowWindow

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ