9b2577558299dd93c8a3af136af0082e81375c0a99c92b0f50e2d749d4ea4de2

General

Target

9b2577558299dd93c8a3af136af0082e81375c0a99c92b0f50e2d749d4ea4de2
Size

43KB
MD5

412da5050e0cb2e1740940ccc50deb3f
SHA1

f47022e137c9e000acaa917cb0ea1e6f2a58c120
SHA256

9b2577558299dd93c8a3af136af0082e81375c0a99c92b0f50e2d749d4ea4de2
SHA512

3524278a4f4064665d77045ccae0a0887e17e20a8c624f2fead895c6e7127415e6be1711f0a41d081958acdd079ffb2cc1a55bfa470684d9a7d3718d78b89106
SSDEEP

768:3rV2SOzhYzlqnWVqB0xKTveBe6VTdTl9wg4ele0pP:3rBQh7xTveBewSr09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b2577558299dd93c8a3af136af0082e81375c0a99c92b0f50e2d749d4ea4de2

Files

9b2577558299dd93c8a3af136af0082e81375c0a99c92b0f50e2d749d4ea4de2
.exe windows:4 windows x86 arch:x86

73a5e7cd9f2a30972ab0cd91c6601b4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
FreeLibrary
lstrcpynA
DeleteFileA
GetStringTypeW
CloseHandle
GetLastError
lstrcatA
lstrlenA
GetStringTypeA
SetLastError
lstrcmpA
GetCommandLineA
GetDateFormatA
GetFileAttributesA
Sleep
HeapFree
GetModuleHandleA

user32

DrawIconEx
DialogBoxParamW
CopyIcon
AlignRects
LoadMenuA
BlockInput
CopyImage
IsMenu
GetFocus
InsertMenuA
CopyRect
DrawTextA
AppendMenuA
GetCursor
DialogBoxParamA
CloseWindow
AppendMenuW
GetMenu
DrawIcon

comctl32

ImageList_LoadImageA
ImageList_DragLeave
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_ReplaceIcon
ImageList_LoadImage
ImageList_GetIcon
ImageList_AddMasked
InitCommonControls
ImageList_BeginDrag
ImageList_DrawEx
ImageList_Draw
ImageList_Replace
ImageList_GetImageRect
ImageList_Create
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_Merge

advapi32

RegReplaceKeyW
RegQueryValueExW
RegEnumKeyExA
RegLoadKeyW
RegEnumValueW
RegQueryValueA
RegDeleteValueA
RegEnumKeyW
RegLoadKeyA
RegOpenKeyA
RegCreateKeyExA
RegReplaceKeyA
RegDeleteKeyW
RegEnumKeyExW
RegDeleteKeyA
RegQueryInfoKeyW
RegFlushKey

Sections

.Vvrn
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.TskbJQ
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TPNxaO
Size: 1KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ODKvx
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73a5e7cd9f2a30972ab0cd91c6601b4b

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.Vvrn Size: 10KB - Virtual size: 10KB

.TskbJQ Size: 25KB - Virtual size: 24KB

.TPNxaO Size: 1KB - Virtual size: 55KB

.ODKvx Size: 2KB - Virtual size: 2KB

.Vvrn
Size: 10KB - Virtual size: 10KB

.TskbJQ
Size: 25KB - Virtual size: 24KB

.TPNxaO
Size: 1KB - Virtual size: 55KB

.ODKvx
Size: 2KB - Virtual size: 2KB