9a1d8d8b38b55e3b98ed9d9e426bd5abb3acae3d11fdc7443c5895fa6452accb

Sharing

Copy URL Twitter E-mail

General

Target

9a1d8d8b38b55e3b98ed9d9e426bd5abb3acae3d11fdc7443c5895fa6452accb
Size

3.3MB
MD5

67c2c90cf1d6ecfd9e1ddefc39e9b87a
SHA1

09ce3fd96dbe6ed28a80154a514159c9e04b46e4
SHA256

9a1d8d8b38b55e3b98ed9d9e426bd5abb3acae3d11fdc7443c5895fa6452accb
SHA512

e69a51afda589962ffda7ceedd3025a20eddb7c692af4592d4ed9d05609306ba33a4503c5707607341e2df92c3acf3ef54e0e7945eb2fc7f5b13df1fe9295432
SSDEEP

49152:rP8DT4/usmWQbaj6shbnHlliVG/ldRoXY2AvJSWOmZsgJ8b4YT/nQeN6hSznlbYI:x/KRirlYgnOvNxW8bpxxhR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a1d8d8b38b55e3b98ed9d9e426bd5abb3acae3d11fdc7443c5895fa6452accb

Files

9a1d8d8b38b55e3b98ed9d9e426bd5abb3acae3d11fdc7443c5895fa6452accb
.exe windows:4 windows x86 arch:x86

7980857acd88d7d6209e875f979df38f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalLock
IsDBCSLeadByte
SetLastError
GlobalFree
GlobalHandle
lstrcmpA
MulDiv
GetModuleFileNameA
FreeLibrary
LoadLibraryExA
GetModuleHandleA
FindFirstFileW
CreateFileW
CreateFileA
SetEndOfFile
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetCurrentProcessId
GetTickCount
lstrcmpiA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
HeapSize
Sleep
ExitProcess
LeaveCriticalSection
HeapDestroy
GetConsoleMode
GetConsoleCP
WriteFile
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
VirtualQuery
GetSystemInfo
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LocalFree
VirtualAlloc
VirtualFree
InterlockedIncrement
GetLastError
lstrlenW
WideCharToMultiByte
GetCurrentThreadId
GlobalAlloc
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
QueryPerformanceCounter
InitializeCriticalSection
EnterCriticalSection
MultiByteToWideChar
lstrlenA
InterlockedDecrement
RaiseException
FindResourceA
LoadResource
SizeofResource
LockResource
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
VirtualProtect
GetProcAddress
GetFileSizeEx
SetFilePointerEx
GetFileAttributesW
ReadFile
GetCurrentThread
SetThreadPriority
SetPriorityClass
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
HeapCreate
FreeResource
FindClose

user32

GetParent
UnregisterClassA
SetWindowPos
GetWindowLongA
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
SetWindowLongA
ShowWindow
MapWindowPoints
GetDlgItem
GetSystemMetrics
GetActiveWindow
SetWindowContextHelpId
MapDialogRect
DialogBoxParamA
PostQuitMessage
LoadImageA
IsDialogMessageA
KillTimer
SetTimer
MessageBoxA
CreateAcceleratorTableA
CreateWindowExA
IsWindow
SendMessageA
GetDesktopWindow
SetFocus
GetFocus
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
GetClassNameA
EndDialog
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
MoveWindow
GetSysColor
CreateDialogIndirectParamA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DestroyWindow
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CharNextA
DefWindowProcA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
LoadStringA

gdi32

GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
GetStockObject

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

shell32

ShellExecuteA
ShellExecuteExA
SHChangeNotify

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

DispCallFunc
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysStringByteLen
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
LoadTypeLi

comctl32

InitCommonControlsEx

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7980857acd88d7d6209e875f979df38f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 3.1MB - Virtual size: 3.1MB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 3.1MB - Virtual size: 3.1MB