c9bce7cd91b20924eda4e9556a3c0a7c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9bce7cd91b20924eda4e9556a3c0a7c
Size

167KB
MD5

c9bce7cd91b20924eda4e9556a3c0a7c
SHA1

8f4c2148809b94a6d837ee5914d3140d8fbea4a1
SHA256

d859aecc8de74c1c9c9f66c3194fde3e18957e37d21748729035a027f98f8f64
SHA512

54126dc4e9dac9436bb30716a47085c135ea46abd59e5b4087524fd34296342d4574dfb656cf2e0a9780c2981c0bb15ad44fae4f56cc4893aead0f0e63eeac41
SSDEEP

3072:ejwwRIb5ZlFIuPzGCB6PMzNBJZAPHOMFIC031hDBVpT3QviVBWuED/LDQYO:MMXzIuPzGCXzNrCqCyQqBWHDPQYO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9bce7cd91b20924eda4e9556a3c0a7c

Files

c9bce7cd91b20924eda4e9556a3c0a7c
.exe windows:4 windows x86 arch:x86

e3b73244a19be4dae73262b664a706c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ValidateRect
SetCapture
GetCapture
EnableWindow
FlashWindow
RealGetWindowClassA
InvalidateRgn
UpdateWindow
IsWindowEnabled
IsWindow
ReleaseCapture
DestroyWindow
ExcludeUpdateRgn
ValidateRgn
GetUpdateRgn

kernel32

IsBadReadPtr
LocalFileTimeToFileTime
FindFirstFileW
LocalFree
ConvertFiberToThread
SystemTimeToFileTime
SetThreadIdealProcessor
FindNextFileW
SetEnvironmentVariableW
FreeLibrary
GetSystemDirectoryW
FileTimeToLocalFileTime
GetOEMCP
FileTimeToSystemTime
LCMapStringW
GetCurrentProcess
EnumResourceNamesW
SetErrorMode
RegisterWaitForSingleObject
GetShortPathNameW
LoadResource
SetCurrentDirectoryW
GetStringTypeW
FindClose
CompareStringA
LocalAlloc
FindResourceW
GetLocalTime
SearchPathW

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ