9ef0f860c94d3d63628c89be6107aa325d92c1fc2576e6e4ed6a821abc5d5591

Sharing

Copy URL Twitter E-mail

General

Target

9ef0f860c94d3d63628c89be6107aa325d92c1fc2576e6e4ed6a821abc5d5591
Size

1.6MB
MD5

3b542453bec21d2e5eb3d75b348945ad
SHA1

fae305868121c37a7824cec243e3d2322d83d479
SHA256

9ef0f860c94d3d63628c89be6107aa325d92c1fc2576e6e4ed6a821abc5d5591
SHA512

1f1783ff1b3618620dd550db51d1a02daa3817fce86f84e4346c6d03fc112f5afec08d35794d6ecf1f217a1598408c369c6f5ab2733a8a741a1da0859dbe8d48
SSDEEP

49152:gPib9Ojd3kdDVT7JriP7KZnkIW077gPT23iOj11diiZT+eoS0X+Fz:G69OjlqpVQ8nkIWQ2eiOp1ZT+ZpXs

Score

10^/10

Malware Config

Signatures

Detects executables packed with NoopyProtect 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_NoobyProtect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ef0f860c94d3d63628c89be6107aa325d92c1fc2576e6e4ed6a821abc5d5591

Files

9ef0f860c94d3d63628c89be6107aa325d92c1fc2576e6e4ed6a821abc5d5591
.dll windows:5 windows x86 arch:x86

21c5239d130718ee13cd1b47ab208ae4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

midiStreamRestart

ws2_32

WSAAsyncSelect

kernel32

MultiByteToWideChar

user32

GetClassInfoA

gdi32

GetClipBox

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

LoadTypeLi

comctl32

ord17

comdlg32

GetSaveFileNameA

msvcrt

malloc

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

Aacsmdklcxzvd

Sections

.text
Size: 304KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SE
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21c5239d130718ee13cd1b47ab208ae4

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 304KB - Virtual size: 776KB

SE Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

SE Size: 4KB - Virtual size: 4KB

.text
Size: 304KB - Virtual size: 776KB

SE
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB

SE
Size: 4KB - Virtual size: 4KB