9552d796fd9e3dbdaa972633017ffe00N

Sharing

Copy URL

Twitter E-mail

General

Target

9552d796fd9e3dbdaa972633017ffe00N
Size

1.5MB
MD5

9552d796fd9e3dbdaa972633017ffe00
SHA1

ba93c2f9f65dc38b4f68f232dd7c70f2ebf1ebb4
SHA256

7cc456aa93970c32c172122a86c8f480556d01078304179904b91fcffd1f8aef
SHA512

7d338f1dcd3f3b7b43cd8249e89d15e277bfbd42a59ea2d0b12d8c39be223b3fcbc0eece3ab544d6bc7a0d8d0c4db385f92279ec23246522951c9c67bb143a09
SSDEEP

24576:cOPIm+pMimSNnZqpU74cwKcXMNOlnNaWD9OHG28ywoIBOLYJsMq:cOPIm+pMimvU74xjMNOln3ROHG28ywo9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9552d796fd9e3dbdaa972633017ffe00N

Files

9552d796fd9e3dbdaa972633017ffe00N
.exe windows:4 windows x64 arch:x64

949c4e8c328d81702e31dc1167efb6fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
__C_specific_handler

msvcrt

__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_commode
_fmode
_initterm
_onexit
_write
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strlen
strncmp
vfprintf

libgio-2.0-0

g_action_change_state
g_action_get_name
g_action_get_state
g_action_map_add_action
g_action_map_add_action_entries
g_application_run
g_file_load_contents
g_settings_create_action
g_settings_get
g_settings_get_boolean
g_settings_new
g_settings_set
g_settings_set_boolean
g_simple_action_set_state
g_static_resource_fini
g_static_resource_get_resource
g_static_resource_init

libglib-2.0-0

g_error_free
g_free
g_intern_static_string
g_once_init_enter_pointer
g_once_init_leave_pointer
g_strdup_printf
g_variant_get_boolean
g_variant_get_string
g_variant_new_boolean
g_variant_unref

libgobject-2.0-0

g_object_get_data
g_object_new
g_object_ref
g_object_set
g_object_set_data_full
g_object_unref
g_signal_connect_data
g_type_class_adjust_private_offset
g_type_class_peek_parent
g_type_register_static_simple

libgtk-3-0

gtk_application_get_type
gtk_application_get_windows
gtk_application_set_app_menu
gtk_application_set_menubar
gtk_application_window_get_type
gtk_builder_add_from_resource
gtk_builder_get_object
gtk_builder_new
gtk_file_chooser_get_file
gtk_file_chooser_native_new
gtk_get_major_version
gtk_get_micro_version
gtk_get_minor_version
gtk_label_set_text
gtk_menu_new_from_model
gtk_menu_tool_button_set_menu
gtk_message_dialog_new
gtk_native_dialog_destroy
gtk_native_dialog_show
gtk_settings_get_default
gtk_show_about_dialog
gtk_statusbar_pop
gtk_statusbar_push
gtk_text_buffer_get_char_count
gtk_text_buffer_get_insert
gtk_text_buffer_get_iter_at_mark
gtk_text_buffer_set_text
gtk_text_iter_get_line
gtk_text_iter_get_line_offset
gtk_widget_class_bind_template_callback_full
gtk_widget_class_bind_template_child_full
gtk_widget_class_set_template_from_resource
gtk_widget_destroy
gtk_widget_hide
gtk_widget_init_template
gtk_widget_show
gtk_window_fullscreen
gtk_window_get_size
gtk_window_maximize
gtk_window_present
gtk_window_set_default_size
gtk_window_set_hide_titlebar_when_maximized

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.5MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 448B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

949c4e8c328d81702e31dc1167efb6fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

libgio-2.0-0

libglib-2.0-0

libgobject-2.0-0

libgtk-3-0

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 1024B - Virtual size: 992B

.rdata Size: 1.5MB - Virtual size: 1.4MB

.pdata Size: 1024B - Virtual size: 972B

.xdata Size: 1024B - Virtual size: 736B

.bss Size: - Virtual size: 448B

.idata Size: 5KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 208B

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 1024B - Virtual size: 992B

.rdata
Size: 1.5MB - Virtual size: 1.4MB

.pdata
Size: 1024B - Virtual size: 972B

.xdata
Size: 1024B - Virtual size: 736B

.bss
Size: - Virtual size: 448B

.idata
Size: 5KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 208B