9fa872bcd2ac932799a53c0f34d4da3bd1234c131642a67a5f08b12f3c85fe50

Sharing

Copy URL Twitter E-mail

General

Target

9fa872bcd2ac932799a53c0f34d4da3bd1234c131642a67a5f08b12f3c85fe50
Size

174KB
MD5

ae6245491e248a3311b26da033cc5291
SHA1

9e3dd4b259d3e55938969e5da0864db825792e2d
SHA256

9fa872bcd2ac932799a53c0f34d4da3bd1234c131642a67a5f08b12f3c85fe50
SHA512

66b332f95f0d9e9476ab6f0f1423fab2657ea7e1019b636a9b1655fff8d744c76fbd1f8de9c1268a449c095f049771388c667ba2af87d4f4b61bf2b66a68bae7
SSDEEP

3072:uhEJsN6YGWdgOaqHqNDnGOb+ahXNqJohePnq45L844lZa5eQs+yHPe:SmYGWANDGOb+asEwv5LIIeQ/yHm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fa872bcd2ac932799a53c0f34d4da3bd1234c131642a67a5f08b12f3c85fe50

Files

9fa872bcd2ac932799a53c0f34d4da3bd1234c131642a67a5f08b12f3c85fe50
.exe windows:6 windows x86 arch:x86

95bb6171e0663e22baf8d57d4da6007d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

iexpress.pdb

Imports

kernel32

WritePrivateProfileSectionA
GetFullPathNameA
GetPrivateProfileSectionA
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
GetSystemInfo
GetShortPathNameA
WriteFile
DeleteFileA
ReadFile
FormatMessageA
GetLastError
GetExitCodeProcess
CreateProcessA
GetUserDefaultUILanguage
CopyFileA
_llseek
_lread
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileInformationByHandle
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalLock
SetLastError
_lwrite
FreeResource
LockResource
CompareStringA
SizeofResource
FindResourceExA
GetTickCount
_lclose
MoveFileA
GetTempPathA
GetTempFileNameA
EnumResourceLanguagesA
EnumResourceNamesA
FreeLibrary
EnumResourceTypesA
LoadLibraryExA
GetCurrentDirectoryA
GetSystemTime
MultiByteToWideChar
WideCharToMultiByte
lstrcmpiA
LocalAlloc
GetModuleFileNameA
GetVersionExA
lstrlenA
WritePrivateProfileStringA
GetPrivateProfileIntA
FindFirstFileA
FindClose
GetPrivateProfileStringA
lstrcmpA
CreateFileA
CloseHandle
LocalFree
GetModuleHandleW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDBCSLeadByte
GetProcAddress
LoadResource
GetVersion

gdi32

GetStockObject
DeleteObject
GetDeviceCaps
GetObjectA
CreateFontIndirectA
CreateFontIndirectW

user32

GetWindowRect
CheckRadioButton
CharPrevA
CheckDlgButton
IsDlgButtonChecked
GetDlgItemTextA
SetDlgItemTextA
PostMessageA
SetFocus
MessageBeep
MessageBoxA
GetSystemMetrics
SendDlgItemMessageA
CharNextA
GetDC
ReleaseDC
SendMessageA
LoadStringA
MsgWaitForMultipleObjects
DispatchMessageA
PeekMessageA
GetParent
GetDlgItem
EnableWindow
CallWindowProcA
GetWindowLongA
SetWindowLongA
ShowWindow
SystemParametersInfoW

msvcrt

__set_app_type
__p__fmode
__setusermatherr
_amsg_exit
_initterm
_acmdln
_controlfp
_except_handler4_common
__p__commode
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
memcpy
wcsncmp
mbstowcs
malloc
free
_splitpath_s
memcpy_s
_itoa
strtok
toupper
_itoa_s
strtoul
strchr
memset
_vsnprintf
?terminate@@YAXXZ

comctl32

CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

imagehlp

CheckSumMappedFile

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

95bb6171e0663e22baf8d57d4da6007d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

msvcrt

comctl32

comdlg32

version

imagehlp

advapi32

Sections

.text Size: 53KB - Virtual size: 53KB

.data Size: 3KB - Virtual size: 11KB

.rsrc Size: 86KB - Virtual size: 85KB

.reloc Size: 31KB - Virtual size: 32KB

.text
Size: 53KB - Virtual size: 53KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 86KB - Virtual size: 85KB

.reloc
Size: 31KB - Virtual size: 32KB