b9b6494aa4c7c4ca1d67cd17a8238304

Sharing

Copy URL Twitter E-mail

General

Target

b9b6494aa4c7c4ca1d67cd17a8238304
Size

83KB
MD5

b9b6494aa4c7c4ca1d67cd17a8238304
SHA1

ced288f6fd0b19e711eacc7e3332d71d4045aba7
SHA256

549dbf492168868b5dc3fcf3b3474cb05f25731074157b64ae5574636cefaf60
SHA512

8101fc72fe349bb6d5cd5de96d65cba783e6266b1eadcd1ca19d93cff26cf6298255a9c83c4b2f554e4bca0e20786b3c5e0a9f761c55ea5e53a22e9f090ea83d
SSDEEP

1536:RYU+PdL36dTtZeYePSL4NpcF3NCe5e/LPmri3R2V8wYdmR8a:RYFdEwRpclUeQ88TBa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9b6494aa4c7c4ca1d67cd17a8238304

Files

b9b6494aa4c7c4ca1d67cd17a8238304
.exe windows:4 windows x86 arch:x86

61670ef39153ced7d9ddfda788551e13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
FindResourceA
GetStdHandle
LoadLibraryExA
GetThreadLocale
GetOEMCP
HeapFree
GetModuleHandleA
GetCurrentProcessId
SetErrorMode
RaiseException
lstrcpynA
FindClose
SetEvent
GlobalFindAtomA
VirtualFree
VirtualQuery
lstrcatA
GetFileType
LoadLibraryA
SetEndOfFile
ExitProcess
LocalFree
EnumCalendarInfoA
DeleteCriticalSection

user32

CharNextW
TrackPopupMenu
GetKeyboardState
GetCursorPos
SetClipboardData
ReleaseDC
SetActiveWindow
IsCharUpperA
GetClientRect
GetClassInfoA
SetTimer
RegisterClipboardFormatA
IsZoomed
ChildWindowFromPoint
LoadBitmapA
BeginPaint
LoadStringA
GetCursor
CloseClipboard
DestroyWindow
GetScrollPos
ReleaseCapture
GetScrollRange
IntersectRect
DrawIcon
SetPropA
GetWindowTextA
IsDlgButtonChecked
PeekMessageA
ScrollWindow
GetCapture
GetKeyNameTextA
DefWindowProcA
GetParent
PostMessageA
GetPropA
DestroyMenu
IsCharLowerA
RegisterClassA
GetWindowLongA
wsprintfA
CharLowerA
EnumWindows
DefFrameProcA
GetKeyboardType
IsWindowUnicode
UnregisterClassA
IsIconic
GetScrollInfo
GetMenuItemCount
TranslateMessage
GetSubMenu
MessageBeep
GetMenu
SetWindowTextA
GetWindowPlacement
GetKeyState
OffsetRect
SetForegroundWindow
CharNextA
MoveWindow

shell32

Shell_NotifyIconA
SHFileOperationA
DragQueryFileA
SHGetFileInfoA
SHGetSpecialFolderLocation

Exports

Exports

_E37QINg@20
_m8EG3Fzd

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 512B - Virtual size: 326B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61670ef39153ced7d9ddfda788551e13

Headers

File Characteristics

Imports

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 28KB

.edata Size: 48KB - Virtual size: 47KB

.idata Size: 3KB - Virtual size: 2KB

.bdata Size: 512B - Virtual size: 326B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 28KB

.edata
Size: 48KB - Virtual size: 47KB

.idata
Size: 3KB - Virtual size: 2KB

.bdata
Size: 512B - Virtual size: 326B

.rsrc
Size: 8KB - Virtual size: 8KB