b9c3086cb5891db978b097db7f9b5e5f

Sharing

Copy URL Twitter E-mail

General

Target

b9c3086cb5891db978b097db7f9b5e5f
Size

559KB
MD5

b9c3086cb5891db978b097db7f9b5e5f
SHA1

8b94451bca33723c9adca1c7d53668280f60dcb8
SHA256

01e1eb30300f865c261d54741598d73ed7ed65c8e5de96a1b7bd59f290d727bc
SHA512

b5bad221c54940e7a984229065d1d8d0942b9b6d97b0bca03df26a61431f196a762ac468632cee876b092ddff241855a595504fbf9cca4a6dee812798bd46d40
SSDEEP

12288:FYRIHe5KQfbx7KgC0U1PShJcZWUAZe59xmY176v6:ORYQTx7KgCLZWUAZe59kY1X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9c3086cb5891db978b097db7f9b5e5f

Files

b9c3086cb5891db978b097db7f9b5e5f
.dll windows:5 windows

e430c679dc5c6b1f87857e7694cdc494

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
_lread
_lopen
_llseek
_lclose
_hread
WritePrivateProfileStringA
WinExec
UnhandledExceptionFilter
TerminateProcess
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadPriority
QueryPerformanceCounter
OpenFile
MultiByteToWideChar
LockResource
LocalFree
LocalAlloc
VirtualAlloc
LoadResource
LoadLibraryA
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersion
GetUserDefaultLangID
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoA
GetProcAddress
GetPrivateProfileIntA
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
FreeResource
FindResourceA
AddAtomA
GetModuleHandleW

user32

CharLowerA
GetKBCodePage
CharLowerW
ReleaseCapture
CascadeWindows
CharUpperA
GetMessageExtraInfo
GetInputDesktop
GetSubMenu
InsertMenuA
InvertRect
SetThreadDesktop
GetFocus
GetShellWindow
GetMessagePos
ExcludeUpdateRgn
GetForegroundWindow
GetProcessWindowStation
LoadCursorW

gdi32

MaskBlt
LPtoDP
GetWorldTransform
GetWindowExtEx
GetSystemPaletteEntries
GetStockObject
GetRelAbs
GetPaletteEntries
GetOutlineTextMetricsW
GetOutlineTextMetricsA
GetObjectA
GetLayout
GetHFONT
GetEnhMetaFileW
GetEUDCTimeStamp
GdiPlayDCScript
GdiArtificialDecrementDriver
GdiAddGlsRecord
ExtCreateRegion
MoveToEx
PolyTextOutA
EngDeleteSurface
EngCreateDeviceSurface
EngComputeGlyphSet
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreateScalableFontResourceW
CreateRectRgnIndirect
CreatePalette
CreateMetaFileW
CreateFontA
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
CreateColorSpaceA
CLIPOBJ_ppoGetPath
BitBlt
AnimatePalette
EnumFontFamiliesW
Pie
ResizePalette
STROBJ_bEnum
STROBJ_dwGetCodePage
SelectObject
SetBkMode
SetICMMode
SetLayout
SetPaletteEntries
GetDeviceCaps
EngQueryEMFInfo
bMakePathNameW
XFORMOBJ_iGetXform
UnrealizeObject
StretchDIBits
SetVirtualResolution
SetTextColor
SetSystemPaletteUse
SetPixelFormat

advapi32

RegQueryValueExW
RegCloseKey
RegCreateKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegOpenKeyW

shell32

ExtractIconEx
DoEnvironmentSubstA
ExtractIconW
FindExecutableA
SHCreateDirectoryExW
SHFileOperationW
SHGetDataFromIDListW
SHGetFileInfoA
SHGetFolderPathW
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHLoadInProc
SHPathPrepareForWriteW
ShellAboutA
ShellExecuteA
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconW

shlwapi

StrRStrIA
StrCmpNW
StrChrW
StrStrW

comctl32

InitCommonControlsEx

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_cexit
_controlfp
_except_handler3
_exit
_initterm
_itoa
_ltoa
_strnicmp
atol
exit
free
malloc
memmove
realloc
sprintf
sscanf

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e430c679dc5c6b1f87857e7694cdc494

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

comctl32

msvcrt

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 392KB - Virtual size: 392KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 392KB - Virtual size: 392KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 2KB - Virtual size: 2KB