a9d998190300206254649c00ae85769a

General

Target

a9d998190300206254649c00ae85769a
Size

225KB
MD5

a9d998190300206254649c00ae85769a
SHA1

6609fd3a691f4e3c92392641e4db247b6507b649
SHA256

a8ffec8975c1a0daca9de0160f22a1849b0d1a7163fe8b3ccf334e6ea716c349
SHA512

9d4ffbb08742233f93150b9bf74f0fb718977675a970195584502e1e94c178de61b602b2813a511ebb76c5488e5091b45cf406c906ea680639a0a097bdc1be66
SSDEEP

6144:Zg3OqqjfKxy+A0NgMCJB36oNI0d6jkrqNmaCL:ZgejyA012qoKUqfRS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9d998190300206254649c00ae85769a

Files

a9d998190300206254649c00ae85769a
.exe windows:4 windows x86 arch:x86

1164ad51bd234b00846e64db30733c31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CallNamedPipeA
CompareStringW
CreateEventW
CreateProcessW
DisconnectNamedPipe
ExitProcess
GetComputerNameA
GetPrivateProfileStructA
GetProfileSectionA
GetThreadLocale
GetThreadSelectorEntry
IsBadHugeReadPtr
IsDBCSLeadByte
LocalReAlloc
OpenEventW
OpenFile
PrepareTape
Process32First
RequestWakeupLatency
ResetWriteWatch
SetCalendarInfoW
SetFileAttributesA
TransmitCommChar
WaitForDebugEvent
_lread
lstrcpyW

user32

BroadcastSystemMessageW
CascadeChildWindows
ChangeDisplaySettingsW
CopyAcceleratorTableW
CreateIconFromResourceEx
DdeConnect
DdePostAdvise
DispatchMessageW
EnumDesktopWindows
EnumThreadWindows
EnumWindowStationsA
FrameRect
GetAncestor
GetClassInfoExA
GetClassLongA
GetClassNameA
GetDlgItemTextW
GetGuiResources
GetKeyboardState
GetMenuStringW
RemovePropA
SendMessageTimeoutA
SetClassLongA
TranslateAcceleratorW
UserClientDllInitialize
WINNLSGetEnableStatus
keybd_event

gdi32

Chord
CreateBitmap
CreateColorSpaceW
CreateICW
CreateScalableFontResourceW
CreateSolidBrush
ExcludeClipRect
GdiSetBatchLimit
GetEnhMetaFileBits
GetLayout
GetObjectA
GetTextCharsetInfo
GetTextMetricsW
GetWindowOrgEx
PlayEnhMetaFile
PtInRegion
RestoreDC
SelectObject
SetColorSpace
SetDIBitsToDevice
SetFontEnumeration
SetICMMode

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 223KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1164ad51bd234b00846e64db30733c31

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 223KB - Virtual size: 236KB

.idata Size: - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 220KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 223KB - Virtual size: 236KB

.idata
Size: - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 220KB