9b56731dc5720b2167a833e89ff15281e02f166181cbfd5f079130f358967a64

Sharing

Copy URL Twitter E-mail

General

Target

9b56731dc5720b2167a833e89ff15281e02f166181cbfd5f079130f358967a64
Size

9.6MB
MD5

1cb46a868539c5f2e76cc2da97ff1912
SHA1

5a7956cf0235f8809e075db1a445a5f59ee18ed5
SHA256

9b56731dc5720b2167a833e89ff15281e02f166181cbfd5f079130f358967a64
SHA512

8062ba1ef19b5e562f18833197a3e326fd0023c54c3a85caa8b58dde503dd4dfae658a146f95cfc698e3d0a78ccf6e3315bf76c130570075bf18f8dec97318c9
SSDEEP

196608:asH1yAMrU7ANXgkrH23+zVWAL4U82NTPjkfDigi8C2IttmHIjMQ4X0zOVj:am1fAZgkz23GpLeUO+gi8C16opDzyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b56731dc5720b2167a833e89ff15281e02f166181cbfd5f079130f358967a64

Files

9b56731dc5720b2167a833e89ff15281e02f166181cbfd5f079130f358967a64
.exe windows:4 windows x86 arch:x86

43abeab8f54fe4ea8aacb47c168df93b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

advapi32

GetAce

iphlpapi

GetIfTable

shell32

ILFree

hid

HidP_GetCaps

setupapi

SetupInstallFileA

dhcpcsvc

DhcpIsEnabled

dhcpcsvc6

Dhcpv6IsEnabled

psapi

EnumProcesses

wsock32

bind

ws2_32

WSACleanup

mathlib

?angle15@@YANN@Z

hasp_windows_107479

ord2

wininet

FtpCommandW

version

VerQueryValueW

winmm

PlaySoundW

gdiplus

GdipFree

oleaut32

SafeArrayGetUBound

ole32

OleRun

oledlg

OleUIBusyW

shlwapi

PathIsUNCW

comctl32

_TrackMouseEvent

winspool.drv

GetJobW

comdlg32

GetFileTitleW

msimg32

TransparentBlt

gdi32

Arc

dbghelp

StackWalk

Exports

Exports

InitCrashReport
UnInitCrashReport

Sections

.AKS1
Size: 5.4MB - Virtual size: 13.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS2
Size: 4.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

43abeab8f54fe4ea8aacb47c168df93b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

iphlpapi

shell32

hid

setupapi

dhcpcsvc

dhcpcsvc6

psapi

wsock32

ws2_32

mathlib

hasp_windows_107479

wininet

version

winmm

gdiplus

oleaut32

ole32

oledlg

shlwapi

comctl32

winspool.drv

comdlg32

msimg32

gdi32

dbghelp

Exports

Exports

Sections

.AKS1 Size: 5.4MB - Virtual size: 13.8MB

.AKS2 Size: 4.0MB - Virtual size: 6.0MB

.AKS3 Size: 1KB - Virtual size: 1KB

.rsrc Size: 180KB - Virtual size: 180KB

.AKS1
Size: 5.4MB - Virtual size: 13.8MB

.AKS2
Size: 4.0MB - Virtual size: 6.0MB

.AKS3
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 180KB - Virtual size: 180KB