c9869950d93fc1f752c9e77a31e14045

General

Target

c9869950d93fc1f752c9e77a31e14045
Size

108KB
MD5

c9869950d93fc1f752c9e77a31e14045
SHA1

61f5fd77ec45098e4ac6112d9d49455a35758e8e
SHA256

11d43ea54b2bd796f77173be9a384509ebf4eae5bb4a2e4ee0b661bcb0f6986b
SHA512

7f3ef4d498b012d5d4f208c5954736380a4b2f4e0cfa7bfe007a85f535ef413c066a8b1556502ed0cde2f588464f97edcdf3ca5e6c83b376526230cee0cc5948
SSDEEP

1536:2ueGDsrGwLKXWNcp7D7iTTGoqT++FnoChHeyAHuBdbs8+d0ubV9FQfZwnAf5kOgG:nXJpXx7DwBqK+OwH62O10ub7vQZgtMp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9869950d93fc1f752c9e77a31e14045

Files

c9869950d93fc1f752c9e77a31e14045
.exe windows:4 windows x86 arch:x86

c95df05f76a2b7066718107ead1958ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
ExitProcess
LoadLibraryA
CompareStringW
CompareStringA
GetProcAddress
VirtualAlloc
GetProcessHeap
HeapAlloc
GetEnvironmentVariableA
DeleteFiber
lstrcmpiA
LockFile
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetModuleFileNameA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
WriteFile
GetCPInfo
GetACP
GetOEMCP
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
SetEnvironmentVariableA

user32

CreateIcon

gdi32

GetMetaRgn
EndPath
CreateFontW
EnumObjects
CombineTransform

advapi32

GetUserNameW

Exports

Exports

jxvedj
thvqcc
utyywl

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c95df05f76a2b7066718107ead1958ce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 16KB - Virtual size: 16KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 16KB - Virtual size: 16KB