9f5f3a9ce156213445d08d1a9ea99356d2136924dc28a8ceca6d528f9dbd718b

Sharing

Copy URL Twitter E-mail

General

Target

9f5f3a9ce156213445d08d1a9ea99356d2136924dc28a8ceca6d528f9dbd718b
Size

100KB
MD5

4489e8cb847cccf4d2d87ee3372e8235
SHA1

7361bf3f82b289c811e7c22b8115f277da4bd8e6
SHA256

9f5f3a9ce156213445d08d1a9ea99356d2136924dc28a8ceca6d528f9dbd718b
SHA512

89e2e20889e85fdfdb11428212e69fac34ab7c1de088ce19a34b91de2614d6e5b9591dc871dfd4ca4708f337f23263746c318b42f290849a67f42bc303265a8e
SSDEEP

3072:fdV4slIuC0BAUaueI7qnWWDncuE7rQOVtMlfSCp:fdiImUuE7rvKl5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f5f3a9ce156213445d08d1a9ea99356d2136924dc28a8ceca6d528f9dbd718b

Files

9f5f3a9ce156213445d08d1a9ea99356d2136924dc28a8ceca6d528f9dbd718b
.exe windows:5 windows x86 arch:x86

14eb08ff37cc78f93cb1c4a1c7761a3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
DeleteFileA
CopyFileA
GetModuleFileNameA
SetNamedPipeHandleState
CreateFileA
GetCurrentProcess
SetEndOfFile
CreateFileW
HeapSize
GetModuleHandleA
GetProcAddress
OpenProcess
DuplicateHandle
GetCurrentThread
CloseHandle
ReleaseSemaphore
CreateSemaphoreA
CreateMutexA
ReleaseMutex
Sleep
ReadFile
WriteFile
GetLastError
GetStdHandle
CreatePipe
SetHandleInformation
CreateThread
WaitNamedPipeA
WaitForSingleObject
GetStringTypeW
LCMapStringW
SetStdHandle
WriteConsoleW
SetFilePointer
FlushFileBuffers
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapReAlloc
HeapAlloc
WideCharToMultiByte
DecodePointer
EncodePointer
SetConsoleCtrlHandler
MultiByteToWideChar
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetConsoleCP
GetConsoleMode
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
GetModuleFileNameW
LoadLibraryW
GetProcessHeap

user32

CreateDesktopA
GetUserObjectInformationA
SetProcessWindowStation
CreateWindowStationA
GetProcessWindowStation

advapi32

LookupPrivilegeValueA
LookupAccountSidA
ControlService
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
DeleteService
CloseServiceHandle
DuplicateTokenEx
SetTokenInformation
OpenProcessToken
OpenThreadToken
GetTokenInformation
LookupPrivilegeNameA
ImpersonateLoggedOnUser
RevertToSelf
CreateProcessAsUserA
AdjustTokenPrivileges

ole32

CoCreateGuid
StringFromGUID2

mpr

WNetCancelConnection2A
WNetAddConnection2A

netapi32

NetApiBufferFree
NetGroupAddUser
NetLocalGroupAddMembers
NetShareEnum
NetUserAdd

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 453B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14eb08ff37cc78f93cb1c4a1c7761a3a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

mpr

netapi32

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 13KB - Virtual size: 32KB

.tls Size: 512B - Virtual size: 453B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 13KB - Virtual size: 32KB

.tls
Size: 512B - Virtual size: 453B

.reloc
Size: 5KB - Virtual size: 5KB