Static task: static1
Behavioral task: behavioral1
Sample: c9952be4a782a96c0234985b9cf6932c.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: c9952be4a782a96c0234985b9cf6932c.exe
Resource: win10v2004-20240226-en
General
Target: c9952be4a782a96c0234985b9cf6932c
Size: 2.1MB
MD5: c9952be4a782a96c0234985b9cf6932c
SHA1: edf26bf6dabd3199da325602ca35540ad1d486ff
SHA256: e09023b8cc738fc3f34977c89031954964004b3796950a86437abe4111b43a8a
SHA512: a7ad36ea9c38d77361eaec1573088a26a6db9aded20fcaccf7e985e4aff8bd82cbbb65759f1e3977c12c027b08906b29195d1f8628cfc6f0aed57155d0130518
SSDEEP: 49152:DL3Dsz0n1VBQlwvh508X0/QkQpt+FZIrkM3Ql+6Ejau+:v3Iwn14qZX2QkQVkkonEWu+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c9952be4a782a96c0234985b9cf6932c
Files
c9952be4a782a96c0234985b9cf6932c.exe windows:4 windows x86 arch:x86
5c4af94f09c99b8ede3b8cff359a4816
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileAttributesA
GetDriveTypeA
ExitProcess
CreateFileW
FreeLibraryAndExitThread
LocalAlloc
GetVolumeInformationW
FreeResource
GetTickCount
VirtualQueryEx
GlobalFlags
DeleteFiber
GetTapeParameters
InitializeCriticalSection
_hread
GetUserDefaultLangID
Beep
GetTapeStatus
GlobalAddAtomA
SetConsoleOutputCP
QueryDosDeviceA
OutputDebugStringA
ReadConsoleOutputA
SetNamedPipeHandleState
GetOEMCP
EnumSystemCodePagesW
SetLastError
ReadFileScatter
GetThreadContext
GetStartupInfoA
user32
VkKeyScanW
CloseDesktop
PeekMessageW
LoadMenuIndirectA
OpenClipboard
IsDialogMessageA
CreateDialogIndirectParamA
GetUserObjectInformationA
GetMonitorInfoW
GetDesktopWindow
GetMenuCheckMarkDimensions
SetRect
GetCapture
GetDlgCtrlID
DrawFrameControl
MsgWaitForMultipleObjects
DialogBoxParamW
SetWindowsHookExW
EnumWindows
DialogBoxIndirectParamW
SetProcessWindowStation
GetScrollBarInfo
HiliteMenuItem
VkKeyScanA
DialogBoxIndirectParamA
AdjustWindowRectEx
MessageBoxW
GrayStringW
SetThreadDesktop
CharUpperBuffA
SetTimer
SwitchToThisWindow
AppendMenuW
TrackMouseEvent
wvsprintfW
HideCaret
ReplyMessage
GetClipboardViewer
SendMessageTimeoutW
IsWindowVisible
PtInRect
EnumDisplayDevicesW
SetCursorPos
PostMessageA
GetTitleBarInfo
EnableMenuItem
IsCharUpperW
MessageBoxExA
EnumDisplayMonitors
IsWindowUnicode
CheckMenuItem
gdi32
RectVisible
OffsetClipRgn
comdlg32
GetFileTitleA
advapi32
OpenServiceW
RegUnLoadKeyA
RegCreateKeyExW
GetSecurityDescriptorSacl
AccessCheck
ChangeServiceConfigW
RegCloseKey
CryptEncrypt
GetServiceDisplayNameW
ReportEventW
RegisterEventSourceA
RegDeleteValueW
RegQueryInfoKeyA
AdjustTokenPrivileges
BuildSecurityDescriptorW
LogonUserW
SetFileSecurityW
QueryServiceLockStatusW
GetUserNameW
CryptSetKeyParam
GetUserNameA
RegEnumKeyExA
DeregisterEventSource
RegSaveKeyW
GetServiceKeyNameW
ImpersonateLoggedOnUser
StartServiceCtrlDispatcherA
LookupAccountNameA
CloseServiceHandle
AccessCheckAndAuditAlarmW
GetFileSecurityA
RegDeleteKeyW
CreateServiceA
GetAclInformation
RegOpenKeyW
RegOpenKeyA
ImpersonateSelf
SetSecurityDescriptorOwner
InitializeAcl
shell32
DragFinish
ole32
OleSave
OleCreateMenuDescriptor
CoLockObjectExternal
IIDFromString
CoGetObject
oleaut32
SysFreeString
SafeArrayPutElement
VariantCopy
SafeArrayUnaccessData
SafeArrayCreate
SysStringLen
SafeArrayGetLBound
LoadTypeLibEx
QueryPathOfRegTypeLi
comctl32
ImageList_Add
ImageList_DragEnter
ImageList_DragLeave
ImageList_DrawEx
shlwapi
StrRetToBufW
StrDupA
PathRemoveBlanksW
PathCommonPrefixW
StrChrA
SHRegWriteUSValueW
SHRegOpenUSKeyW
PathRemoveBackslashW
PathCanonicalizeW
SHRegGetBoolUSValueW
Sections
.text Size: 3KB - Virtual size: 220KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ