9a923eb389bf1c51d9a53cc52951dcbc2bd4f2ac2cb810295e201987031a6e57

Sharing

Copy URL

Twitter E-mail

General

Target

9a923eb389bf1c51d9a53cc52951dcbc2bd4f2ac2cb810295e201987031a6e57
Size

1.0MB
MD5

121f7cba18bcb38e68bd4fc4f2e71815
SHA1

25f64ae766388a2c6b43c063a84451b6725e3115
SHA256

9a923eb389bf1c51d9a53cc52951dcbc2bd4f2ac2cb810295e201987031a6e57
SHA512

7b10cfffea055f61c773fae242c4e151b61109018e82c47d5ef54321cd7eb30deb58d2fb10fc4906331437bbf232e391bec407c1e2db82159b2eea52c4de07de
SSDEEP

12288:JeQKMskAFMiGLXEPcE/MXLTKYr3eHp6l3n09bXXIZt3++mfrvsFwnTzCFY3vJy6/:A3yiGi/4LmcuHuX0iT3+5IgkYBa+B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
9a923eb389bf1c51d9a53cc52951dcbc2bd4f2ac2cb810295e201987031a6e57

Files

9a923eb389bf1c51d9a53cc52951dcbc2bd4f2ac2cb810295e201987031a6e57
.exe windows:5 windows x86 arch:x86

177576821fe947d9d5823d23afbd9906

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
RaiseException
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCommandLineA
RtlUnwind
SetErrorMode
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetOEMCP
GetCPInfo
InterlockedIncrement
GetModuleHandleW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetCurrentProcessId
GetTickCount
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
InterlockedExchange
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryA
lstrcmpW
GetVersionExA
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GlobalAlloc
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
GetLastError
SetLastError
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetModuleHandleA
GetProcAddress
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
VirtualFree
SizeofResource

user32

PostThreadMessageA
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
PtInRect
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowPlacement
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
SetWindowPos
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetWindow
SystemParametersInfoA
DestroyMenu
CopyRect
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetClientRect
EnableMenuItem
SendMessageA
GetSystemMenu
UnregisterClassA
IsIconic
DrawIcon
GetLastActivePopup
GetActiveWindow
MessageBeep
GetSystemMetrics
DestroyIcon
GetIconInfo
LoadIconA
EnableWindow
MapDialogRect
SetForegroundWindow
GetFocus
KillTimer
SetTimer
GetSysColorBrush
RegisterClipboardFormatA
ValidateRect
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
GetWindowThreadProcessId
SetCursor
LoadCursorA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
CheckMenuItem
RegisterWindowMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
DispatchMessageA
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA

gdi32

DeleteObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateDCA
GetDeviceCaps
GetTextExtentPoint32A
GetObjectA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA

oledlg

ord8

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

177576821fe947d9d5823d23afbd9906

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

oleacc

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 71KB - Virtual size: 70KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 40KB - Virtual size: 40KB

.reloc Size: 30KB - Virtual size: 30KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 71KB - Virtual size: 70KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 40KB - Virtual size: 40KB

.reloc
Size: 30KB - Virtual size: 30KB