cd9d4d7fc0b3b9968e96722d0e516930

General

Target

cd9d4d7fc0b3b9968e96722d0e516930
Size

285KB
MD5

cd9d4d7fc0b3b9968e96722d0e516930
SHA1

3f02def3c0ec9fce280a998d2be944cbefdc74e9
SHA256

188a40af1e95630f0e62331edf1ca3d13201a2dd85f77f104d4f17f0ac6d4bb1
SHA512

2396d9598d4ac9aeea560d36b2f74aafee523d2d3fcf217887cb1466d498b8a1587a1eee6535dc093dbbb9c2ce1a044eb8fca1735699727ab236890f97770d3c
SSDEEP

6144:fiy5qrYP9ybTf7pmWlquCcOsqUAuKuXcu8q+8AaoK82Dn1bp5:a4T9ib1m2EWK7u8jnz52n115

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd9d4d7fc0b3b9968e96722d0e516930

Files

cd9d4d7fc0b3b9968e96722d0e516930
.exe windows:4 windows x86 arch:x86

094e0874062b6f08561b77e996ee74d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetFileSize
FindClose
QueryDosDeviceW
FindResourceW
SetEvent
WaitForMultipleObjects
CreateWaitableTimerW
GetTickCount
LoadLibraryW
ResumeThread
GlobalAlloc
DeleteFileW
GetDriveTypeW
LockResource
ReadFile
GetPrivateProfileStringW
SetEndOfFile
FindResourceExW
SetLastError
LoadResource
ExitProcess
FreeLibrary
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
CreateEventW
GetModuleHandleW
CreateFileW
SetCurrentDirectoryW
GetModuleFileNameW
GetProcAddress
GlobalUnlock
DuplicateHandle
WritePrivateProfileStringW
GetLocalTime
GetFileAttributesW
SetFilePointer
WriteFile
FindFirstFileW
Sleep
InterlockedDecrement
FindFirstChangeNotificationW

user32

CreatePopupMenu
OffsetRect
CreateWindowExW
RegisterClassExW
GetWindowDC
LoadBitmapW
GetCursorPos
SetCursor
SetCapture
EndDialog
SendDlgItemMessageW
UpdateWindow
LoadCursorW
EnableWindow
RegisterHotKey
SetWindowTextW
DestroyIcon
TrackPopupMenu
InvalidateRect
SetLayeredWindowAttributes
LoadImageW

gdi32

GetDeviceCaps
DeleteDC
SelectObject
DeleteObject
SetBkColor
GetMapMode
CreateSolidBrush
CreateDCW
GetClipBox
CreateCompatibleBitmap
CreatePen
SetBkMode

advapi32

SetSecurityDescriptorDacl
StartServiceW
LookupPrivilegeValueW

shell32

Shell_NotifyIconW

ole32

CoInitialize

Sections

.text
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

094e0874062b6f08561b77e996ee74d4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 252KB - Virtual size: 249KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 22KB

.text
Size: 252KB - Virtual size: 249KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 22KB