c9328044f3d94a0e9dc9d22c200e317a

Sharing

Copy URL

Twitter E-mail

General

Target

c9328044f3d94a0e9dc9d22c200e317a
Size

145KB
MD5

c9328044f3d94a0e9dc9d22c200e317a
SHA1

d036f755ad9001dbad66d2011fb470a3c9452643
SHA256

0fbeb3f50de140fda85678fe354a9cd5df970763fa9541c7a7f93226c292e1d9
SHA512

d439c3ff81a64e0393358f34cf3b3905b88141e501bfe9100846c889ee6fb6934ba0e27cc4d74a69b13380c02b3c814cf054203a65ab6ff8b8dfe6879be88d30
SSDEEP

3072:OXPjwSiU99T0uhtdk4to+sogF9zcn4FZhFU/tZ5Cm80Kba:ePjUU9V0Svbs/zG2H+ZJ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9328044f3d94a0e9dc9d22c200e317a

Files

c9328044f3d94a0e9dc9d22c200e317a
.exe windows:5 windows x86 arch:x86

7fed478439649a54a2637aedd953562b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dx7vfmon

_FCosh
_Cosh
_FDtest
_Strxfrm
_Nan
_Strcoll
_LInf
_LExp
_Rteps
_LPoly
_FXbig
_Hugeval
_Toupper
_FDnorm
_Stold
_LRteps
_Tolower
_Getcoll
_Inf
_Stof
_LDenorm
_Snan
_FDenorm
_FEps
_LDtest
_FInf

advapi32

OpenProcessToken
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

msvcrt

toupper
malloc
_except_handler3
free
realloc
sprintf
div
mktime
strstr
strncmp
gmtime

user32

DialogBoxParamA
EnableWindow
DestroyIcon
CharUpperA
EnableMenuItem
CheckDlgButton
SetWindowPos
GetCursorPos
wsprintfA
GetActiveWindow
LoadCursorA
AppendMenuA
KillTimer
IsWindowEnabled
IsIconic
SetWindowTextA
MoveWindow
SetForegroundWindow
SendDlgItemMessageA
IsZoomed
GetAsyncKeyState
GetParent
CallWindowProcA
SendMessageA
EmptyClipboard
SetTimer
GetWindowTextA
LoadIconA
EndDialog
EnumClipboardFormats

kernel32

ReadProcessMemory
lstrcpyA
OutputDebugStringA
MulDiv
SetThreadPriority
WritePrivateProfileStringA
OpenProcess
GlobalLock
SetCurrentDirectoryA
LoadLibraryA
CreateFileMappingA
GetProcAddress
DeleteFileA
SetFilePointer
lstrlenW
CreateProcessA
GetPriorityClass
VirtualFree
WaitForMultipleObjects
TerminateProcess
ReadFile
UnmapViewOfFile
GetCurrentThread
GlobalUnlock
GetPrivateProfileStructA
GlobalAlloc
lstrcmpA
WritePrivateProfileStructA
GetComputerNameA
CloseHandle
SetPriorityClass
GetModuleHandleA
CreateFileA
VirtualQuery
CopyFileA
GetCurrentProcessId
VirtualAlloc
GetModuleFileNameA
Sleep
CreatePipe
SetEndOfFile
SetFileAttributesA
VirtualQueryEx
WriteFile
MapViewOfFile
IsBadReadPtr

imagehlp

BindImageEx

Sections

.text
Size: 131KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fed478439649a54a2637aedd953562b

Headers

DLL Characteristics

File Characteristics

Imports

dx7vfmon

advapi32

msvcrt

user32

kernel32

imagehlp

Sections

.text Size: 131KB - Virtual size: 132KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 131KB - Virtual size: 132KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 4KB