c9b0cbd6f38c15fd4b59a9aca036fa36d55545bdfe6731e1834bca90e08e4a5c | Triage

Sharing

General

Target

c9b0cbd6f38c15fd4b59a9aca036fa36d55545bdfe6731e1834bca90e08e4a5c
Size

1.9MB
MD5

d80257a835b31b343fef3d46542389a1
SHA1

cf690538f07f07509c0d10f0832d20f5ccde8f74
SHA256

c9b0cbd6f38c15fd4b59a9aca036fa36d55545bdfe6731e1834bca90e08e4a5c
SHA512

5314922cf90161e62868ce83c768574505b3afcfe50713a51dfca2a8f70d6eb00fe91fff9a429e793b4997b68d325d01d0f3f542c1a15de8031fa114387e4b12
SSDEEP

49152:2kZLFg4HNIDA/ZKfOa+DlGs0AMhUsw/rdN:5Z5gkgA/ZQOa+Riqswj/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9b0cbd6f38c15fd4b59a9aca036fa36d55545bdfe6731e1834bca90e08e4a5c

Files

c9b0cbd6f38c15fd4b59a9aca036fa36d55545bdfe6731e1834bca90e08e4a5c
.exe windows:6 windows x64 arch:x64

ee93ddebbf5258fb8be12e5333dca258

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteFile

iphlpapi

GetInterfaceInfo

msvcrt

_wcsnicmp

psapi

GetMappedFileNameW

user32

GetWindow

advapi32

RegSetValueExA

shell32

SHGetFolderPathW

Sections

.text
Size: 611KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ