b9dbdcc59cfb66a05c108af12e3fecb0

Sharing

Copy URL

Twitter E-mail

General

Target

b9dbdcc59cfb66a05c108af12e3fecb0
Size

174KB
MD5

b9dbdcc59cfb66a05c108af12e3fecb0
SHA1

a37265318452edbc4b02fb9fd234fbec495e29b0
SHA256

c6e0852e51cf040f1e874abbd2d6efd29f3cc58fccbf00cd4110645e4d316b9b
SHA512

6e771e2628153936139f0aabee37c0d71cc7273fe036ea96811471c03b32613d41a9a911928427ef77ff07201db0a55ad72bd92cc96b9c3f7b3589705466d2e3
SSDEEP

3072:tHcFGynMNXrCdPmb/+a/eyO/7k54jK5DXk5D0ywJGB2VD8nonx:tHcJ4v7+ai/7k54jE7q0ywJCI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9dbdcc59cfb66a05c108af12e3fecb0

Files

b9dbdcc59cfb66a05c108af12e3fecb0
.exe windows:4 windows x86 arch:x86

c2ef2317873649ef0a0b1b66c795d5ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetFocus
GetCursor
IsWindowVisible
GetMenuStringA
GetMessagePos
WaitMessage
GetSysColor

version

VerFindFileA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

VirtualAlloc
ExitThread
GetProcAddress
GetModuleHandleA
lstrlenA
ExitProcess
ExitProcess
ExitThread
FindResourceA
VirtualQuery
GetThreadLocale
GetDiskFreeSpaceA

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_Draw
ImageList_Write
ImageList_Create
ImageList_Destroy

gdi32

GetPixel
GetCurrentPositionEx
CreatePalette
CreateDIBSection
RestoreDC
GetRgnBox
GetBitmapBits
GetClipBox
BitBlt
RestoreDC
SelectPalette
GetObjectA
CreateCompatibleDC

ole32

CoCreateGuid
PropVariantClear
OleCreateStaticFromData
CoGetContextToken
CoDisconnectObject
StgOpenStorage
StringFromIID
CoCreateInstanceEx
OleRegGetUserType
CoCreateFreeThreadedMarshaler
CoUninitialize
OleRun
CLSIDFromString

advapi32

RegLoadKeyA

shell32

Shell_NotifyIconA
SHGetDiskFreeSpaceA
SHGetDesktopFolder
SHFileOperationA
SHGetFileInfoA
SHGetDiskFreeSpaceA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFolderPathA

oleaut32

SafeArrayGetUBound
VariantCopyInd
VariantChangeType
SysFreeString
SafeArrayUnaccessData
OleLoadPicture
SysReAllocStringLen

shlwapi

SHDeleteKeyA
PathIsContentTypeA
PathGetCharTypeA
PathIsDirectoryA
PathFileExistsA
SHDeleteValueA
SHSetValueA
SHEnumValueA
SHQueryInfoKeyA
PathGetCharTypeA

comdlg32

FindTextA
GetSaveFileNameA
FindTextA

Sections

CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c2ef2317873649ef0a0b1b66c795d5ea

Headers

File Characteristics

Imports

user32

version

kernel32

comctl32

gdi32

ole32

advapi32

shell32

oleaut32

shlwapi

comdlg32

Sections

CODE Size: 29KB - Virtual size: 29KB

DATA Size: 512B - Virtual size: 60KB

.data Size: 143KB - Virtual size: 142KB

CODE
Size: 29KB - Virtual size: 29KB

DATA
Size: 512B - Virtual size: 60KB

.data
Size: 143KB - Virtual size: 142KB