9aebdc2df013778265effb4ba080e23008fd08397e2b9b562ec142c9bd3bced1

Sharing

Copy URL

Twitter E-mail

General

Target

9aebdc2df013778265effb4ba080e23008fd08397e2b9b562ec142c9bd3bced1
Size

208KB
MD5

7407c3fb216df148955882837d25dca8
SHA1

62005c6c42fff060bed55b6e3fd321bc352b6a32
SHA256

9aebdc2df013778265effb4ba080e23008fd08397e2b9b562ec142c9bd3bced1
SHA512

f027ee3a0afe8777686f657a714df10b5afd07f19ff74bc3ab9f6057116e8f7a77c2c2e039a60494b8e2f512d75c08abc7d773b786fd6e6b8573990623532122
SSDEEP

6144:qa1oB/yvpK0JCmRcRRR8N0e2kXfCqNidkfk:qbapK0JCmRcU9vVokf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9aebdc2df013778265effb4ba080e23008fd08397e2b9b562ec142c9bd3bced1

Files

9aebdc2df013778265effb4ba080e23008fd08397e2b9b562ec142c9bd3bced1
.exe windows:2 windows x86 arch:x86

e391eee2fda3671a828f8ce7165ca399

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
GetModuleHandleW
ConnectNamedPipe
GetModuleFileNameA
EnumTimeFormatsW
SuspendThread
GetWindowsDirectoryW
GetPriorityClass
lstrlen
CreateThread
GetSystemDefaultLangID
FlushFileBuffers
ReadDirectoryChangesW
GetDateFormatA
BeginUpdateResourceW
FreeResource
GetSystemDirectoryA
CreateMutexW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryW
FatalAppExitA
SetLocaleInfoW
GetProcessHeap
GetDiskFreeSpaceA
GetProcAddress
FindResourceA
GetOEMCP
lstrcpyW
GetThreadPriority
GlobalGetAtomNameW
MoveFileW
CompareStringA
LocalFree
MultiByteToWideChar
GetVersionExW
GetACP

user32

LoadMenuIndirectA
UnregisterClassW
GetClassInfoExW
RegisterClassA
GetClassNameA
LoadMenuW
DefDlgProcW
SetWindowRgn
GetParent
DialogBoxIndirectParamA
LoadMenuA
GetClassInfoW
DrawTextW
CreateDialogIndirectParamW
wvsprintfA
LoadCursorW
EnumWindows
DialogBoxIndirectParamW
CharNextW
FindWindowW
GetDCEx
GetSysColor
GetMenuStringW
GetTopWindow
LoadBitmapA
TrackPopupMenuEx
AppendMenuW
InsertMenuItemA
GetWindowRect
MessageBoxW
SetActiveWindow
EnumDesktopsA
CreatePopupMenu
FindWindowA
MessageBoxIndirectW
CreateAcceleratorTableW
CharLowerA
DeleteMenu
GetForegroundWindow
EnumDesktopWindows
EnumDesktopsW
CopyRect
OpenClipboard
GetDlgItemTextW
GetWindowLongW
GetMenuItemCount
CheckDlgButton
CreateAcceleratorTableA
WaitForInputIdle
DialogBoxParamW
PostQuitMessage
GetActiveWindow
CreateCaret
RegisterWindowMessageW
GetClassNameW
GetMenuItemInfoA
EndMenu
WinHelpA
SetCapture
SetTimer
CreateMenu
CreateDialogParamA
SendDlgItemMessageA
LoadCursorA
DefWindowProcW
EnumDesktopsA
SetMenu

gdi32

GetBrushOrgEx
StrokeAndFillPath
CreateFontW
GetEnhMetaFilePixelFormat
GetPixel
GetViewportOrgEx
CreateDCA
CopyMetaFileW
AbortPath
RemoveFontResourceA
GetKerningPairsA
EnumFontFamiliesExW
AddFontResourceW
Rectangle
GetDeviceGammaRamp
PolyPolygon
RectInRegion
GetGlyphIndicesA
CreatePolygonRgn
SetColorSpace
SetMetaFileBitsEx
CreateBitmap
OffsetRgn
EndDoc
CreateDIBPatternBrush
PlayEnhMetaFile
RestoreDC
GetCharWidth32W
PaintRgn
StartFormPage

advapi32

RegDeleteKeyW
RegOpenKeyA
RegQueryMultipleValuesW
RegEnumValueW
RegSetValueA
RegEnumKeyExA
RegCreateKeyExA
RegRestoreKeyW
RegCloseKey
RegEnumKeyA
RegEnumKeyW
RegDeleteValueA
RegQueryValueW
RegReplaceKeyW
RegFlushKey
CryptSetProviderA
RegOpenKeyW
RegEnumValueA

shell32

ExtractIconExA

comctl32

ImageList_SetImageCount
ImageList_Duplicate
FlatSB_EnableScrollBar
DllGetVersion
ImageList_SetBkColor
InitCommonControls
ImageList_GetBkColor

comdlg32

FindTextA
LoadAlterBitmap
ReplaceTextW
GetFileTitleW
GetSaveFileNameW
ReplaceTextA

oleaut32

VarR8FromDisp
VarUI1FromStr
VarDateFromUI8
OleLoadPictureFile
VarUI1FromDisp
VarUI8FromCy

wininet

GopherGetLocatorTypeA
ShowCertificate
HttpQueryInfoA
SetUrlCacheHeaderData
FindFirstUrlCacheContainerA
GetUrlCacheEntryInfoA
FindNextUrlCacheContainerA
DeleteUrlCacheEntry
InternetGetConnectedState
GetUrlCacheConfigInfoW
InternetConfirmZoneCrossing
InternetGetConnectedStateEx
InternetCreateUrlA
CreateUrlCacheEntryA
InternetSetPerSiteCookieDecisionW
InternetSetOptionW
RetrieveUrlCacheEntryFileW
FindCloseUrlCache
UrlZonesDetach

urlmon

IsValidURL
CoInternetCreateSecurityManager
URLDownloadToCacheFileW
Extract
MkParseDisplayNameEx
GetMarkOfTheWeb
CopyStgMedium
HlinkNavigateMoniker

wsock32

GetAddressByNameA
GetAddressByNameW
s_perror
WSAAsyncGetProtoByNumber
socket
WSAAsyncGetHostByName
send
AcceptEx
shutdown

crypt32

CertFreeCRLContext
CertGetIntendedKeyUsage
CertGetNameStringW
PFXExportCertStoreEx
CryptVerifyMessageHash
CertGetIssuerCertificateFromStore
I_CryptEnableLruOfEntries
I_CryptGetAsn1Decoder
CertEnumSystemStoreLocation
I_CryptSetTls

Sections

.ehkoKk
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WbOYt
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jVQpnF
Size: 1KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MAgzG
Size: 109KB - Virtual size: 217KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e391eee2fda3671a828f8ce7165ca399

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

comdlg32

oleaut32

wininet

urlmon

wsock32

crypt32

Sections

.ehkoKk Size: 2KB - Virtual size: 20KB

.WbOYt Size: 16KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 6KB

.jVQpnF Size: 1KB - Virtual size: 49KB

.MAgzG Size: 109KB - Virtual size: 217KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 512B - Virtual size: 4KB

.ehkoKk
Size: 2KB - Virtual size: 20KB

.WbOYt
Size: 16KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 6KB

.jVQpnF
Size: 1KB - Virtual size: 49KB

.MAgzG
Size: 109KB - Virtual size: 217KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 512B - Virtual size: 4KB