b9d78a16e4d7e2d1f4cd55f9867159c2

General

Target

b9d78a16e4d7e2d1f4cd55f9867159c2
Size

176KB
MD5

b9d78a16e4d7e2d1f4cd55f9867159c2
SHA1

ada2791a718b21655ae11f5ac576db5f3a1f3bc2
SHA256

100c024011e10845bcb2f80e4800edc5cb4302b1e904d4e2aac44edaa15d55c1
SHA512

daf7e3441cedaaf0d326dc9970983e3500f3ee1df035049a9bd1c088f13082e197033cc8746f1113607884389d7b39b366d74e3a5bb52e531501bbab27966dbb
SSDEEP

3072:7zP5bzlx4smfeosDEAviQR9maBbtUm5iw4Ki9lQwixqzlIydhhTT0u3c1s8d:3P5b5OSDbvFRYhnsw4S1H0u3c1s8d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9d78a16e4d7e2d1f4cd55f9867159c2

Files

b9d78a16e4d7e2d1f4cd55f9867159c2
.exe windows:5 windows x86 arch:x86

e7f7cf09e6d5c7f32e531d5e59e99707

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

btaumdrv

_Getcoll
_Eps
_FRteps
_Stod
_FEps
_Dnorm
_Rteps

user32

InvalidateRect
LoadAcceleratorsW
IsWindowEnabled
GetMessageW
WindowFromPoint
OpenClipboard
ClientToScreen
GetMenuItemID
SetMenuItemInfoW
GetMessagePos
InflateRect
ScreenToClient
SetFocus
TrackPopupMenuEx
LoadIconW
FlashWindow
GetSysColor
SetForegroundWindow
DispatchMessageW
CreateWindowExW
GetMenuItemInfoW
GetClassNameW
GetDlgItem
SetWindowLongW
EndDialog
IsMenu
FindWindowW
GetWindowThreadProcessId
IsWindow
LoadImageW
EnableWindow
GetWindowDC

kernel32

SleepEx
GetVersion
CloseHandle
CreateMutexW
SetLastError
VirtualAlloc
GetVersionExA
HeapSetInformation
GetCurrentThreadId
RaiseException
GetPriorityClass
InterlockedIncrement
lstrcmpW
OutputDebugStringA
ExitProcess
InterlockedDecrement
DeleteCriticalSection
GetVolumePathNamesForVolumeNameW
HeapDestroy
GetUserDefaultLCID
GetCurrentProcessId
GetACP
GetCurrentProcess
MulDiv
ReleaseMutex
GetFileAttributesW

ntdll

NtOpenDirectoryObject
NtPulseEvent
NtPowerInformation
NtCancelTimer
NtOpenEventPair
NtCreateSemaphore
NtCreateSection
NtQueryInformationFile

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7f7cf09e6d5c7f32e531d5e59e99707

Headers

DLL Characteristics

File Characteristics

Imports

btaumdrv

user32

kernel32

ntdll

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 116KB - Virtual size: 116KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 116KB - Virtual size: 116KB