a9c67ed68a316a7409803c188ce5056a

General

Target

a9c67ed68a316a7409803c188ce5056a
Size

233KB
MD5

a9c67ed68a316a7409803c188ce5056a
SHA1

1ad66bea37188bbafdd8aff125352d718b258376
SHA256

9f8d082385d20587c010e08e063a6d44e24fc7644dfc724cf722d990bffd2edd
SHA512

a1066d2ffe6b5a096fac72f03b98d481f7e56fe8385cff7189921f5e839fa1624e6f55e085bf3ef2ea86b0056e75c4288463938802855baeb3ed7b0bbeba5817
SSDEEP

6144:4iR82Lme6/2V5I8/AM/cF6F0r/V2nbUZY9bZJTlRg2ne:tq3e6/qGM0Qc/V2n4ZY9bZfe2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9c67ed68a316a7409803c188ce5056a

Files

a9c67ed68a316a7409803c188ce5056a
.exe windows:4 windows x86 arch:x86

9b4262dfa082b556a4e2387e48c75dfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RemovePropA
GetKeyState
DestroyCursor
MsgWaitForMultipleObjects
PostQuitMessage
GetWindowDC
DestroyWindow
FillRect
CharNextA
SendMessageW
GetWindowPlacement
CallWindowProcA
TrackPopupMenu
CharNextW
SetMenuItemInfoA
GetDCEx
GetKeyboardState
SetClipboardData
DefFrameProcA
TranslateMDISysAccel
GetDC
GetIconInfo
RegisterClipboardFormatA

msvcrt

mbstowcs
memmove
pow
atan
srand
sqrt

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
FindTextA

kernel32

SetFilePointer
ExitProcess
VirtualAllocEx
GetProcAddress
lstrlenW
LoadLibraryA
GetModuleHandleW
GetLastError
ResetEvent
LoadLibraryExA
GetStdHandle
GetFullPathNameA
GetCommandLineA
GlobalDeleteAtom
lstrlenA
GetCurrentThreadId
GetModuleHandleA
GetCommandLineW
ExitThread

comctl32

ImageList_Destroy
ImageList_GetBkColor
ImageList_Write
ImageList_Add
ImageList_Read
ImageList_DragShowNolock
ImageList_Remove
ImageList_DrawEx
ImageList_Create
ImageList_Draw

shlwapi

SHDeleteValueA
SHEnumValueA
PathIsContentTypeA

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b4262dfa082b556a4e2387e48c75dfd

Headers

File Characteristics

Imports

user32

msvcrt

comdlg32

kernel32

comctl32

shlwapi

Sections

.text Size: 76KB - Virtual size: 76KB

.data Size: 1024B - Virtual size: 60KB

.rdata Size: 11KB - Virtual size: 11KB

BSS Size: 133KB - Virtual size: 132KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 76KB - Virtual size: 76KB

.data
Size: 1024B - Virtual size: 60KB

.rdata
Size: 11KB - Virtual size: 11KB

BSS
Size: 133KB - Virtual size: 132KB

.rsrc
Size: 9KB - Virtual size: 9KB