PDB Path: D:\Project\0_new_plain\0_start\01_XXX_64bit\01_XXX\x64\Release\01_XXX.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 9b99f9fe7fa43f391eda1dfef1a0c3a6.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 9b99f9fe7fa43f391eda1dfef1a0c3a6.exe
  Resource: win10v2004-20240226-en
General
Target: 9b99f9fe7fa43f391eda1dfef1a0c3a6.exe
Size: 4.0MB
MD5: 9b99f9fe7fa43f391eda1dfef1a0c3a6
SHA1: 474d3238f78fcdb4f41a429786961938586a132c
SHA256: 59a9d10eba81d62337f38d8f72a15f283e1f4bc9daa99fe0c08f780f3e4da839
SHA512: e3ff4b2d859b1d78a7355c738c7129f1feb8a7be3e6b64ee61fafe26675e1b0289ac3d4ffcd15495e62a87265b73c8fba58f40df69b52ce88c91fde0d43d8bc9
SSDEEP: 98304:/G/a81cB033sr4JFvMTFLOAkGkzdnEVomFHKnP:i33uTFLOyomFHKnP
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 9b99f9fe7fa43f391eda1dfef1a0c3a6.exe
Files
9b99f9fe7fa43f391eda1dfef1a0c3a6.exe.exe  windows:6  windows x64  arch:x64
65e7381b8e5f68b907687bf58487ea9d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetStdHandle
FreeEnvironmentStringsW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
GetFileType
SetStdHandle
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleCP
GetStartupInfoW
VirtualQuery
VirtualAlloc
GetSystemInfo
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
HeapReAlloc
HeapQueryInformation
ExitThread
CreateThread
RtlPcToFileHeader
ExitProcess
RtlUnwindEx
RtlLookupFunctionEntry
GetCommandLineW
FindResourceExW
GetWindowsDirectoryW
VirtualProtect
GetTempFileNameW
GetProfileIntW
GetTickCount
SearchPathW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetFileAttributesW
VerifyVersionInfoW
VerSetConditionMask
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
DeleteFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FileTimeToSystemTime
GlobalGetAtomNameW
InitializeCriticalSection
GlobalFlags
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
GlobalFree
GlobalUnlock
FreeResource
lstrcpyW
ResumeThread
SetThreadPriority
WaitForSingleObject
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
InitializeCriticalSectionAndSpinCount
SetLastError
GlobalAddAtomW
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
FreeLibrary
GetVersionExW
GetCurrentThread
WideCharToMultiByte
MultiByteToWideChar
LockResource
SizeofResource
LoadResource
FindResourceW
FindNextFileW
FindClose
GetTempPathW
GetModuleFileNameW
CreateProcessW
FindFirstFileW
LoadLibraryExA
Sleep
CloseHandle
GetCurrentThreadId
OutputDebugStringA
CreateFileW
WriteFile
OutputDebugStringW
SetFilePointer
GetLocalTime
GetProcAddress
LoadLibraryExW
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
GetLastError
RaiseException
InitializeCriticalSectionEx
LeaveCriticalSection
GetProcessHeap
HeapFree
HeapAlloc
GetTimeZoneInformation
user32
GetWindowRgn
HideCaret
InvertRect
GetKeyboardLayout
ToUnicodeEx
CharUpperBuffW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
GetUpdateRect
SendDlgItemMessageA
SetClassLongPtrW
DestroyAcceleratorTable
ModifyMenuW
CopyIcon
GetIconInfo
GetDoubleClickTime
LockWindowUpdate
BringWindowToTop
SetRect
SetCursorPos
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
EnumDisplayMonitors
SetLayeredWindowAttributes
MonitorFromPoint
UnionRect
EnableScrollBar
DestroyMenu
UpdateLayeredWindow
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoW
CreatePopupMenu
NotifyWinEvent
IntersectRect
SetRectEmpty
MessageBeep
GetSystemMenu
LoadMenuW
GetAsyncKeyState
IsZoomed
TrackMouseEvent
CharUpperW
DestroyIcon
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoW
CopyImage
LoadCursorW
RealChildWindowFromPoint
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
CreateMenu
SetScrollInfo
GetWindow
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
EqualRect
CopyRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
GetClassNameW
InvalidateRect
UpdateWindow
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterClassW
EnableWindow
SendMessageW
GetSystemMetrics
LoadIconW
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
ValidateRect
GetKeyState
GetActiveWindow
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
DrawIconEx
DestroyCursor
GetKeyboardState
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetNextDlgGroupItem
IsClipboardFormatAvailable
MapDialogRect
SubtractRect
GetKeyNameTextW
PostThreadMessageW
FrameRect
CopyAcceleratorTableW
CreateAcceleratorTableW
MapVirtualKeyW
GetScrollInfo
GetClientRect
DrawIcon
IsIconic
wsprintfW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
PostMessageW
PostQuitMessage
ShowOwnedPopups
SetCursor
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
IsWindow
GetWindowRect
GetCursorPos
ClientToScreen
ScreenToClient
PtInRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
RegisterWindowMessageW
DrawEdge
DrawFrameControl
IsWindowVisible
DrawStateW
SetWindowRgn
RedrawWindow
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
RegisterClipboardFormatW
gdi32
GetObjectW
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRoundRectRgn
CreateCompatibleBitmap
CreateDIBSection
CreateFontIndirectW
SetRectRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
Rectangle
GetRgnBox
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
SetBkMode
SetBkColor
SelectPalette
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
OffsetRgn
DeleteDC
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreatePatternBrush
CreatePen
CreateCompatibleDC
BitBlt
GetTextMetricsW
GetDeviceCaps
CreateDCW
CopyMetaFileW
Polyline
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
CreateBitmap
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
DragFinish
DragQueryFileW
ShellExecuteW
SHAppBarMessage
SHGetSpecialFolderPathW
shlwapi
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW
uxtheme
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
DrawThemeParentBackground
DrawThemeText
ole32
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoInitializeEx
CreateStreamOnHGlobal
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
OleLockRunning
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
oleaut32
SysAllocStringLen
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysFreeString
VariantCopy
VarBstrFromDate
LoadTypeLi
VariantInit
VariantClear
SysAllocString
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 621KB - Virtual size: 621KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ