9ef2d114c329c169e7b62f89a02d3f7395cb487fcd6cff4e7cac1eb198407ba6

Sharing

Copy URL

Twitter E-mail

General

Target

9ef2d114c329c169e7b62f89a02d3f7395cb487fcd6cff4e7cac1eb198407ba6
Size

690KB
MD5

091cd6e1b1addd88794b7ea0dd09750d
SHA1

97f4863b80f584d5505e799661976f588624b383
SHA256

9ef2d114c329c169e7b62f89a02d3f7395cb487fcd6cff4e7cac1eb198407ba6
SHA512

329d46c568434044dacf0ff0edcc43200f52703fc1e9aad7fea852a3af6f35c2e650ea4f8888e87f2172927bb53bcc9c4110d84c00513a09d906600d53dbda87
SSDEEP

12288:sDexCTwCa7oWfjPAR0lcC3v91uTW56thtG/YiLWsLxY59X6Cf1weRPS3GWp44h1l:sDfUCaMWr4R03eSau/UwiBtwec3GUh1l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ef2d114c329c169e7b62f89a02d3f7395cb487fcd6cff4e7cac1eb198407ba6

Files

9ef2d114c329c169e7b62f89a02d3f7395cb487fcd6cff4e7cac1eb198407ba6
.exe windows:5 windows x86 arch:x86

549417d9b9138bfe47590924727e2fad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
SystemTimeToTzSpecificLocalTime
InterlockedIncrement
GetConsoleAliasA
GetModuleHandleExW
GetTimeFormatA
ConnectNamedPipe
GetTickCount
SetFileTime
GlobalAlloc
GetLocaleInfoW
GetSystemTimeAdjustment
GetFileAttributesA
GetFileAttributesW
SetTimeZoneInformation
FindResourceW
GetAtomNameW
lstrcatA
RaiseException
GetLastError
GetProcAddress
OpenWaitableTimerA
SetConsoleOutputCP
FindAtomA
GlobalFindAtomW
SetConsoleCursorInfo
GetModuleHandleA
LoadLibraryExA
FileTimeToLocalFileTime
GetCurrentProcessId
TerminateProcess
MapViewOfFile
GetModuleHandleW
Sleep
ExitProcess
GetStartupInfoW
RtlUnwind
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

advapi32

RegCreateKeyW

Exports

Exports

Linear

Sections

.text
Size: 610KB - Virtual size: 610KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 57.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.luwa
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.new
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

549417d9b9138bfe47590924727e2fad

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 610KB - Virtual size: 610KB

.data Size: 19KB - Virtual size: 57.4MB

.luwa Size: 512B - Virtual size: 377B

.tls Size: 512B - Virtual size: 9B

.new Size: 16KB - Virtual size: 16KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 33KB - Virtual size: 33KB

.text
Size: 610KB - Virtual size: 610KB

.data
Size: 19KB - Virtual size: 57.4MB

.luwa
Size: 512B - Virtual size: 377B

.tls
Size: 512B - Virtual size: 9B

.new
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 33KB - Virtual size: 33KB