9bb6b8edd24eb62f5d437506c377c580N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9bb6b8edd24eb62f5d437506c377c580N.exe
Size

624KB
MD5

9bb6b8edd24eb62f5d437506c377c580
SHA1

95db31aa9c077409eff4feea51c0e8490f4adb4c
SHA256

be321e722befedd065c17583da4e1603b07abf4d71ed54e482823a5e147b90fd
SHA512

7e5ef6aedd2fc3d96c32d88a4d967bda777967cf16e07e00529d244d4d090455fd1767cdd0980ab19ba48d6d4292631c023ff83c4fee5a5942ec25db0671c798
SSDEEP

12288:7IWN4Y2CAdwp/zWIWN4Y2CAdwp/zWIWN4Y2CAdwp/z:75GYswp/C5GYswp/C5GYswp/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9bb6b8edd24eb62f5d437506c377c580N.exe

Files

9bb6b8edd24eb62f5d437506c377c580N.exe
.exe windows:4 windows x86 arch:x86

00f0cb2eb2cf989efbc9c98f144014af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetProcAddress
DosDateTimeToFileTime
GetLogicalDriveStringsA
CreateNamedPipeW
GetModuleHandleA
SetCalendarInfoA
MultiByteToWideChar
GetVersionExA
TlsAlloc

user32

GetClassNameA
GetMenuItemInfoW
GetTopWindow
GetDlgItem
SetDlgItemTextW
SetActiveWindow
CloseWindow
LoadMenuA
IsWindow
GetWindowRect
UnregisterClassW
DeleteMenu
RegisterClassW
CreateAcceleratorTableA
WinHelpW
CreateWindowExA
CreatePopupMenu
InsertMenuItemA
EnableWindow
CreateDialogIndirectParamW
GetForegroundWindow
SendDlgItemMessageA
CheckMenuItem
ClientToScreen
SendMessageA
wvsprintfA
GetSysColorBrush
InvalidateRgn
MessageBeep
GetScrollPos
InvalidateRect
DefDlgProcA
ActivateKeyboardLayout
TrackPopupMenuEx
GetDCEx
CallWindowProcA
SetWindowRgn

gdi32

CreateEnhMetaFileA
ResetDCA
GetCharWidthW
CreateEnhMetaFileW
GetLayout
PolylineTo
GetColorSpace
GetTextExtentExPointW

advapi32

RegDeleteKeyA
RegOpenKeyW
RegDeleteValueA
RegCreateKeyExW
RegOpenKeyW
RegReplaceKeyA

shlwapi

PathRemoveBackslashA
DllGetVersion
PathBuildRootA
SHDeleteValueW
StrStrNW
PathCommonPrefixW
SHRegSetUSValueW
PathRemoveBlanksA
StrRChrIA
SHCreateStreamOnFileEx
UrlGetLocationA

comdlg32

GetSaveFileNameA
LoadAlterBitmap
ChooseFontA
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW

oleaut32

VarI4FromUI1
VarBstrFromR8
VarUI1FromR8
VarUI1FromStr
VarDateFromDisp
VarIdiv
VectorFromBstr

Sections

.FrbNhz
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.oMkBIA
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YsUsFU
Size: 2KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kJecJt
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bl
Size: 5KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00f0cb2eb2cf989efbc9c98f144014af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comdlg32

oleaut32

Sections

.FrbNhz Size: 11KB - Virtual size: 10KB

.oMkBIA Size: 3KB - Virtual size: 26KB

.YsUsFU Size: 2KB - Virtual size: 51KB

.kJecJt Size: 13KB - Virtual size: 12KB

.bl Size: 5KB - Virtual size: 296KB

.rsrc Size: 171KB - Virtual size: 170KB

.reloc Size: 1024B - Virtual size: 964B

.FrbNhz
Size: 11KB - Virtual size: 10KB

.oMkBIA
Size: 3KB - Virtual size: 26KB

.YsUsFU
Size: 2KB - Virtual size: 51KB

.kJecJt
Size: 13KB - Virtual size: 12KB

.bl
Size: 5KB - Virtual size: 296KB

.rsrc
Size: 171KB - Virtual size: 170KB

.reloc
Size: 1024B - Virtual size: 964B