c9ce14828a25fce032bf6b82ac400e2d

Sharing

Copy URL Twitter E-mail

General

Target

c9ce14828a25fce032bf6b82ac400e2d
Size

72KB
MD5

c9ce14828a25fce032bf6b82ac400e2d
SHA1

dcb33fe316bf9551f9dc57e667dc8c6cd109f671
SHA256

3d445262fb4d4c57c1d99c681d0dd88e23a243282c9c9d2ed9a8b2be006a56da
SHA512

c0426d0a549aac9223f1ee0f331a6c343dae395b338609a7616f54d24a7b781e5a8b8dc93f5f046702c5552b38e0df5c5724dda1b8327185d7677e3aaa75d58e
SSDEEP

1536:/2smFs/8abxWMXfUoRAGzOMp0VtwZLQ3vJHE:mGNHRAGb0wZLQ3vVE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9ce14828a25fce032bf6b82ac400e2d

Files

c9ce14828a25fce032bf6b82ac400e2d
.exe windows:4 windows x86 arch:x86

609a7c80d0cdaa27b7cf9a8a8ba800a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleA
DeleteFileW
ExitThread
GetLastError
ReadFile
DeleteAtom
CreateDirectoryA
GetCommandLineA
GetCPInfo
Sleep
GetFileTime
DeleteFileA
SetLastError
CopyFileA
OpenFileMappingA
OpenFile
CopyFileW
GetComputerNameA
WriteFile
FindAtomA

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegLoadKeyA
RegQueryValueA
RegEnumKeyA
RegEnumKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumValueW
RegDeleteValueA
RegQueryValueW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegOpenKeyExA
RegEnumKeyExW
RegLoadKeyW
RegFlushKey
RegQueryInfoKeyA

gdi32

AddFontMemResourceEx
CreateSolidBrush
GetPixel
GetPixel
ExcludeClipRect
CloseMetaFile
ClearBrushAttributes
CloseFigure
SetTextColor
AddFontResourceExW
GetBrushOrgEx
RestoreDC
CopyMetaFileA
DeleteObject
ClearBitmapAttributes
AddFontResourceExA
CancelDC
AbortPath
GetClipBox
BitBlt
AddFontResourceTracking

user32

GetDlgItem
EndDialog
CopyRect
GetCursor
DrawIconEx
GetWindowTextLengthA
GetDC
AlignRects
InsertMenuA
LoadCursorA
DialogBoxParamW
DialogBoxParamA
CopyIcon
AppendMenuW
GetMenu
CreateIcon
DrawTextA
CloseWindow
DrawTextW

comctl32

ImageList_Merge
ImageList_GetImageRect
ImageList_LoadImageA
ImageList_GetDragImage
ImageList_DragLeave
ImageList_LoadImage
ImageList_GetImageCount
ImageList_Destroy
ImageList_Read
ImageList_AddIcon
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetIcon
InitCommonControls
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_DrawIndirect
ImageList_DragMove
ImageList_LoadImageW
ImageList_Copy
ImageList_Draw

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

609a7c80d0cdaa27b7cf9a8a8ba800a3

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

comctl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 62KB - Virtual size: 142KB

.reloc Size: - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 274B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 62KB - Virtual size: 142KB

.reloc
Size: - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 274B