9b103f9b1e03dd07bd7fdb5f7f26d07124889d2afa33e7443b3c7e0d1650cdb7

General

Target

9b103f9b1e03dd07bd7fdb5f7f26d07124889d2afa33e7443b3c7e0d1650cdb7
Size

167KB
MD5

32a041b4f12bf8bdbabb00ec16337c32
SHA1

76c9968de2e839f617ec8b0663f2d9d7325a3859
SHA256

9b103f9b1e03dd07bd7fdb5f7f26d07124889d2afa33e7443b3c7e0d1650cdb7
SHA512

c8f6847ec7c1c3cb1bee315ae87725dffc7df02fda3cda2379335fddae76f39efec890696cdf9082e1514960d251e4d4ec128e0c05af5e3cdd6cf792e4fc5574
SSDEEP

3072:wW05fG6cmj3kiSUCuiYw5+EhGfENo85ptog3Tl6zj62N0AAAerSZMAZHdXZL3Ezg:p6a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b103f9b1e03dd07bd7fdb5f7f26d07124889d2afa33e7443b3c7e0d1650cdb7

Files

9b103f9b1e03dd07bd7fdb5f7f26d07124889d2afa33e7443b3c7e0d1650cdb7
.exe windows:4 windows x86 arch:x86

df57a2a7b4b2e21a0b558c480222b82c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLastError
GetModuleFileNameA
GetCommandLineA
IsDBCSLeadByte
LocalFree
CloseHandle
ExitProcess
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
CreateFileA
WriteFile
GetStdHandle
lstrlenA
lstrcatA
lstrcpyA
FormatMessageA
FreeLibrary
GetProcAddress
LoadLibraryA
GetEnvironmentVariableA
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
lstrcmpiA
lstrcmpA
SetConsoleTitleA
GetVersionExA
SetEnvironmentVariableA
FindClose
FindFirstFileA
GetFullPathNameA
InterlockedIncrement
LocalAlloc
GetExitCodeThread
WaitForSingleObject
CreateThread
GetCurrentThreadId
LoadResource
FindResourceExA
GetUserDefaultLangID
GetSystemDefaultLangID
SetLastError
lstrlenW
RtlUnwind

user32

CharNextA
DispatchMessageA
CharLowerA
GetMessageA
CharPrevA
PostThreadMessageA
LoadStringA
CharToOemA
TranslateMessage
wvsprintfA

ole32

CoInitialize
CoRegisterClassObject
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CoGetClassObject
CoUninitialize

oleaut32

SysFreeString

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

df57a2a7b4b2e21a0b558c480222b82c

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 150KB - Virtual size: 150KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 150KB - Virtual size: 150KB

.reloc
Size: 1024B - Virtual size: 1KB