9540fc8351b43d7d346e7d5bf8efb8db46deb6537baf632fb722f32f4fe03a2eN

Sharing

Copy URL Twitter E-mail

General

Target

9540fc8351b43d7d346e7d5bf8efb8db46deb6537baf632fb722f32f4fe03a2eN
Size

1.7MB
MD5

2afa6193a168ffa97ad452f2f1ed0ff0
SHA1

bc22d8a358fb6398f5a405152feac912588ba50a
SHA256

9540fc8351b43d7d346e7d5bf8efb8db46deb6537baf632fb722f32f4fe03a2e
SHA512

9874a285da6c2addf03de4ec08023be09fdb61e234ece25810245f25ebc49fdc8fad5598152ee359817bd14a2b1d72cf61c76d1bc743c9738f81e9112c853fe7
SSDEEP

24576:bZJiuCUz5Np9WLcbbcSWMT3P+bTsdum9gN/f22zAl8WkeiIcmnfcO:bZJiuTF/LH1TasQmON/O2zA4dIcm1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9540fc8351b43d7d346e7d5bf8efb8db46deb6537baf632fb722f32f4fe03a2eN

Files

9540fc8351b43d7d346e7d5bf8efb8db46deb6537baf632fb722f32f4fe03a2eN
.dll windows:5 windows x86 arch:x86

f9f6a2a24b1af7eba9759cdbbc09f592

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

GetErrorInfo

user32

ValidateRgn
PostQuitMessage
RegisterHotKey
CopyImage
SetCursorPos
DrawTextExW
GetRawInputDeviceList
SetScrollInfo

kernel32

LeaveCriticalSection
GetModuleFileNameA
SetConsoleScreenBufferSize
PostQueuedCompletionStatus
HeapCompact
HeapAlloc
DuplicateHandle
ReadConsoleOutputAttribute
GetCurrentProcess
DebugBreak
GetConsoleCP
GetStdHandle
GetModuleHandleW
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CloseHandle

gdi32

GetTextColor
GetCharWidthW
GetPolyFillMode
PtInRegion
GetWindowExtEx
AbortDoc
OffsetWindowOrgEx

wintrust

CryptCATAdminRemoveCatalog

winscard

SCardGetCardTypeProviderNameW

advapi32

FreeEncryptionCertificateHashList
CreateServiceA

ws2_32

WSAGetLastError

Exports

Exports

SkeiOeitxnese

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt1
Size: 4KB - Virtual size: 389B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9f6a2a24b1af7eba9759cdbbc09f592

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

gdi32

wintrust

winscard

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.crt1 Size: 4KB - Virtual size: 389B

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 76KB - Virtual size: 79KB

.crt Size: 164KB - Virtual size: 160KB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 44KB - Virtual size: 40KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.crt1
Size: 4KB - Virtual size: 389B

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 76KB - Virtual size: 79KB

.crt
Size: 164KB - Virtual size: 160KB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 44KB - Virtual size: 40KB