c9f4377905d4d32f2588195ee308f646

Sharing

Copy URL Twitter E-mail

General

Target

c9f4377905d4d32f2588195ee308f646
Size

415KB
MD5

c9f4377905d4d32f2588195ee308f646
SHA1

ac7d65bb9ed880ccef7935edc53a9924a18560c7
SHA256

7eedb7582551b4a9e14a50f8267fdc16f3ccf3e7f3e00145febae11308601671
SHA512

c362affc0c4101b156c3b3b391615e9fa0bffa6cce2c51f227696a7c8484b3ef00d45a38ee9f3d2ee67d7cd145385798b1324ab945c4b94af54fe59b7df1e22b
SSDEEP

12288:TJzq2VX1a2TuYGXSod0GTNmR3Aa4WBVvjv+:TJzqiLGXSodZMGWBVC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9f4377905d4d32f2588195ee308f646

Files

c9f4377905d4d32f2588195ee308f646
.exe windows:4 windows x86 arch:x86

9414b763551505cc97ef7c209f45c0d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
LoadLibraryA
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetLocaleInfoA
FreeLibrary
lstrcpyA
GetModuleFileNameW
TerminateProcess
InterlockedIncrement
GetWindowsDirectoryA
WideCharToMultiByte
GetUserDefaultLCID
GetLocalTime
MultiByteToWideChar
HeapDestroy
RaiseException
lstrcpynW
GetCalendarInfoW
LocalFileTimeToFileTime
SystemTimeToFileTime
CompareStringW
GetLocaleInfoW
GetModuleFileNameA
FileTimeToSystemTime
GetACP
GetProcessHeap
FileTimeToLocalFileTime
GetModuleHandleW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
GetCPInfo
GetOEMCP
GetFileType
SetHandleCount
GetLastError
UnhandledExceptionFilter
GetStdHandle
WriteFile
ExitProcess
VirtualQuery
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetSystemInfo
GetStartupInfoA
RtlUnwind
HeapFree
HeapAlloc
GetModuleHandleA
GetProcAddress
lstrlenA
FormatMessageA
CompareStringA
ExpandEnvironmentStringsW
lstrlenW
GlobalFree
FormatMessageW
InterlockedCompareExchange
Sleep
InterlockedExchange
lstrcmpiW
WriteProfileStringW
LocalAlloc
LocalFree
DisableThreadLibraryCalls
GetCommandLineA
GetDateFormatW
VirtualProtect

user32

wsprintfW
IsCharAlphaNumericW
MessageBoxW
GetFocus
GetParent
SendDlgItemMessageW
LoadIconW
GetSystemMetrics
EnableWindow
GetClientRect
ShowWindow
GetDlgItem
PostMessageW
GetSysColor
CharNextW
CharNextA
GetWindow
GetWindowThreadProcessId
LoadStringA
SendMessageTimeoutW
SendNotifyMessageW
SendMessageW
LoadStringW
SetWindowLongW
DefDlgProcW
MessageBoxIndirectW
wsprintfA
SetFocus
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
PeekMessageA
VkKeyScanA
keybd_event
SetKeyboardState
FindWindowW
FindWindowA
GetDesktopWindow
GetWindowTextLengthW
GetWindowTextW
GetWindowTextLengthA
GetWindowTextA
IsWindowEnabled
IsWindowVisible
AttachThreadInput
SetForegroundWindow

advapi32

RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegSetValueExA
RegCreateKeyExA
GetUserNameW
GetUserNameA
ReportEventW
DeregisterEventSource
OpenSCManagerW
OpenServiceW
CloseServiceHandle
RegSetValueExW
RegEnumValueW

gdi32

CreateSolidBrush
SetTextColor
DeleteObject
SetBkColor

ole32

StgOpenStorageEx
CoTaskMemFree
FreePropVariantArray
PropVariantClear
PropVariantCopy
CoCreateInstance
CoTaskMemAlloc

Sections

.text
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9414b763551505cc97ef7c209f45c0d8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

Sections

.text Size: 401KB - Virtual size: 400KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 337KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 401KB - Virtual size: 400KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 337KB

.rsrc
Size: 1KB - Virtual size: 1KB