9cb35811082c0d052f687ad18be9d48b6c732d4c7ff8e064bc8f48a4520c0163N

Sharing

Copy URL Twitter E-mail

General

Target

9cb35811082c0d052f687ad18be9d48b6c732d4c7ff8e064bc8f48a4520c0163N
Size

173KB
MD5

b35fb8f0c0cf0352760596e5c2870cd0
SHA1

3ee365bce0ffdda0622c4849a0155e22b5682991
SHA256

9cb35811082c0d052f687ad18be9d48b6c732d4c7ff8e064bc8f48a4520c0163
SHA512

ef57a6b877ddc098cdd6b20f704841a0145151962c7fd0af862d92fa3da89fb43c450f86f8056780f611d7090c5026af72d020dc480e4328d5abf23224992057
SSDEEP

3072:yBswCjjtN8Iv7j6SC2xzNWJyP2mSGPPVWqwplk9uvdktw4yuAWw:ySJpNBzdNW9mSGPPUqwplkMvW+h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9cb35811082c0d052f687ad18be9d48b6c732d4c7ff8e064bc8f48a4520c0163N

Files

9cb35811082c0d052f687ad18be9d48b6c732d4c7ff8e064bc8f48a4520c0163N
.exe windows:4 windows x86 arch:x86

7d9d47b997ae0d7760502b60b3bfe96f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyW
RegEnumKeyW
RegQueryValueExW

shlwapi

PathStripToRootW
PathRemoveFileSpecW
PathFileExistsW
PathFindFileNameW
PathIsUNCW
PathFindExtensionW
PathAppendW

ole32

StgCreateDocfileOnILockBytes
OleUninitialize
CoFreeUnusedLibraries
CoTaskMemFree
OleIsCurrentClipboard
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
CoInitialize
CoCreateInstance
CreateILockBytesOnHGlobal
OleInitialize
CoRegisterMessageFilter
CoUninitialize
CoRevokeClassObject
OleFlushClipboard
CLSIDFromProgID
CLSIDFromString

gdi32

GetBkColor
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SetViewportOrgEx
PtVisible
GetMapMode
SetWindowExtEx
GetTextColor
RectVisible
Escape
TextOutW
OffsetViewportOrgEx
ExtSelectClipRgn
DeleteDC
GetDeviceCaps
GetStockObject
ExtTextOutW
GetRgnBox

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

kernel32

GetLocaleInfoW
WideCharToMultiByte
GetCalendarInfoW
CreateFileW
MultiByteToWideChar
LocalFileTimeToFileTime
LoadLibraryW
FindFirstFileW
MoveFileW
GetVersion
SetFileTime
ReadFile
GetThreadContext
SystemTimeToFileTime
GetFileAttributesW
GetSystemDefaultLangID
FindClose
DeleteFileW
EnumResourceNamesA
SetFilePointer
ExitProcess
InterlockedDecrement
WriteFile
lstrcpyW
ConvertDefaultLocale
GetCurrentProcessId
FindNextFileW
EnumResourceLanguagesW
RemoveDirectoryW
CreateDirectoryW
GetModuleFileNameW
GetCurrentDirectoryW
GetProcAddress

user32

CopyAcceleratorTableW
WinHelpW
SendDlgItemMessageA
GetNextDlgTabItem
CharUpperW
SetRect
GetClassLongW
SetPropW
CreateWindowExW
MessageBeep
RegisterWindowMessageW
IsRectEmpty
CharNextW
RemovePropW
GetClassInfoExW
GetNextDlgGroupItem
GetPropW
InvalidateRect
InvalidateRgn
DestroyMenu

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d9d47b997ae0d7760502b60b3bfe96f

Headers

File Characteristics

Imports

advapi32

shlwapi

ole32

gdi32

shell32

kernel32

user32

oleacc

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 71KB - Virtual size: 70KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 71KB - Virtual size: 70KB

.edata
Size: 1024B - Virtual size: 96KB