b9ebe84e4927ebb92f4ad55fc6e06ec8

Sharing

Copy URL Twitter E-mail

General

Target

b9ebe84e4927ebb92f4ad55fc6e06ec8
Size

81KB
MD5

b9ebe84e4927ebb92f4ad55fc6e06ec8
SHA1

8467acb4ae4993244141a6d9ca0a7d6bd57b2621
SHA256

40dd137475475b1775bd2986c581a475f209a0225d5a2f9f9501a0ddb271c87e
SHA512

b2d19c6c3f38c6086fb3f4c71585f19056dbd319af5033c23dad5959621bd34fd949debc8e456b73e576f1885c1d34e0d50b54fd4ddb41c5a1b4012f6836a423
SSDEEP

1536:ngA4ZcnzckBU9XNgdajnar1iIoz9t9wxUOgZYw4mr:gwzckBsX64L194x5gZmW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9ebe84e4927ebb92f4ad55fc6e06ec8

Files

b9ebe84e4927ebb92f4ad55fc6e06ec8
.exe windows:4 windows x86 arch:x86

c3d25d9e4a199434a38780396ae3bddf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetLocaleInfoA
FindFirstFileA
SetEvent
GetProcessHeap
DeleteCriticalSection
GetDiskFreeSpaceA
LockResource
lstrcmpA
lstrcpyA
GetCurrentThreadId
InitializeCriticalSection
lstrcatA
CompareStringA
ExitProcess
GetUserDefaultLCID
SetHandleCount
LoadLibraryA
VirtualAllocEx
LoadLibraryExA
RaiseException
CreateEventA
EnumCalendarInfoA
GetFullPathNameA

ole32

CreateStreamOnHGlobal
CoCreateInstanceEx
CoCreateGuid
CoGetObjectContext
CoRevokeClassObject
CoGetContextToken

gdi32

RestoreDC
CreateCompatibleBitmap
GetTextColor
BitBlt

user32

OemToCharA
ScrollWindow
GetSysColorBrush
KillTimer
GetSystemMetrics
MapWindowPoints
GetKeyState
SetScrollPos
IsMenu
CharNextW
SendMessageW
InsertMenuA
GetMenuItemCount
DestroyCursor
CharNextA
AdjustWindowRectEx
PeekMessageA
PeekMessageW
DrawMenuBar
RegisterClassA
SetActiveWindow
IsIconic
GetKeyNameTextA
RegisterWindowMessageA
ShowWindow
DrawIconEx
UpdateWindow
SetPropA
IsRectEmpty
PostQuitMessage
GetClassLongA
EnumChildWindows
GetKeyboardLayout
InflateRect
GetWindowThreadProcessId
GetMenu
CharUpperBuffA
CreatePopupMenu
GetForegroundWindow
IsZoomed
ReleaseDC
GetKeyboardType
EnableWindow
CharUpperA
RegisterClipboardFormatA
GetMenuItemID
DrawTextA
LoadCursorA
GetClientRect
OpenIcon
DispatchMessageW
GetWindowPlacement
OffsetRect
RedrawWindow
FillRect
GetWindow
GetWindowDC
IsWindow
CheckMenuItem
GetClassNameA
GetCursorPos

Exports

Exports

_AnANXrqQzNG
n1QFxWbJ@20
o0RNNhuM
_ILB8V
QJVjfsyZQ
CHdX2Lk3@4
68Wpj
_3RyYHHY3TxbRb
8fWocJA8qVobn
_zdZyhmXwQBi@8
_C2tmEck0
_pmDQ7IF

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.abdata
Size: 512B - Virtual size: 295B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3d25d9e4a199434a38780396ae3bddf

Headers

File Characteristics

Imports

kernel32

ole32

gdi32

user32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 9KB - Virtual size: 41KB

.data Size: 49KB - Virtual size: 49KB

.abdata Size: 512B - Virtual size: 295B

.edata Size: 512B - Virtual size: 308B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 9KB - Virtual size: 41KB

.data
Size: 49KB - Virtual size: 49KB

.abdata
Size: 512B - Virtual size: 295B

.edata
Size: 512B - Virtual size: 308B

.rsrc
Size: 8KB - Virtual size: 8KB