f9b85d398c1e35b6da62ca02a435465e87fc3d30ab6a668e93cb06e8576d6f4d

Sharing

Copy URL

Twitter E-mail

General

Target

f9b85d398c1e35b6da62ca02a435465e87fc3d30ab6a668e93cb06e8576d6f4d
Size

265KB
MD5

aacd3ed57307a8b44476f58d2acb4049
SHA1

45ef04a77e25e37245932c9a5a2815b6d1a4e57d
SHA256

f9b85d398c1e35b6da62ca02a435465e87fc3d30ab6a668e93cb06e8576d6f4d
SHA512

634c29fcce76a23e598be3a8a79833c2755c414ab7c34a3c0c1d7dce253ce9eff5abdfabe3c4c6a4a887bb8e25d4180dbcdae62e7f01576dcac7b91195b7b7ce
SSDEEP

6144:xhFj6Y0DHeNTP2z1cMdiKGher+dKzqZU:nFz0D+NTP2z5gKAer+Li

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f9b85d398c1e35b6da62ca02a435465e87fc3d30ab6a668e93cb06e8576d6f4d

Files

f9b85d398c1e35b6da62ca02a435465e87fc3d30ab6a668e93cb06e8576d6f4d
.exe windows:5 windows x86 arch:x86

8e9155e61240efc293b2b80077b26959

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\vukigicupaxa mef\kuf.pdb

Imports

kernel32

lstrcatW
SetSystemTimeAdjustment
FindNextVolumeA
LeaveCriticalSection
GetNamedPipeHandleStateA
FileTimeToLocalFileTime
FillConsoleOutputCharacterA
SetThreadAffinityMask
TerminateProcess
GetCurrentProcessId
GetVersionExW
EnumDateFormatsExW
EnumResourceNamesW
FindNextFileA
CopyFileExW
BuildCommDCBAndTimeoutsW
SetDefaultCommConfigA
WritePrivateProfileStructW
HeapSetInformation
CreateTimerQueueTimer
ReadConsoleInputA
WriteConsoleInputA
GetSystemDirectoryW
GetDriveTypeW
BuildCommDCBAndTimeoutsA
VirtualProtect
LoadLibraryA
GlobalAlloc
VerifyVersionInfoA
GetBinaryTypeA
GetProfileSectionA
InterlockedDecrement
ReadConsoleOutputCharacterW
FindFirstChangeNotificationW
FormatMessageA
SetDllDirectoryW
CreateIoCompletionPort
WritePrivateProfileStringA
GetConsoleAliasesLengthA
GetProcessHeap
OpenWaitableTimerA
SetConsoleTextAttribute
InterlockedIncrement
GetStartupInfoW
GetSystemWow64DirectoryW
SetLastError
GetConsoleAliasExesW
ContinueDebugEvent
EndUpdateResourceA
GetTickCount
FatalAppExitW
SetSystemTime
OpenFileMappingW
lstrcmpW
SetConsoleActiveScreenBuffer
SetDefaultCommConfigW
VirtualAlloc
InterlockedCompareExchange
GlobalFix
GetSystemWindowsDirectoryA
CopyFileW
TerminateThread
GetACP
FindAtomA
HeapWalk
SetMailslotInfo
CreateActCtxW
GetPrivateProfileIntA
_lread
CreateNamedPipeA
GetAtomNameA
SetConsoleScreenBufferSize
EnumResourceTypesW
lstrlenA
LoadLibraryW
WriteConsoleW
lstrcpyA
ReadConsoleOutputA
SetThreadContext
BuildCommDCBA
ReleaseActCtx
GetStringTypeW
GetPrivateProfileStringW
GetDriveTypeA
GetFileAttributesA
GetVolumePathNameA
MoveFileW
SetCommMask
SetFileShortNameW
VerLanguageNameA
LockFile
EndUpdateResourceW
GetOverlappedResult
FreeConsole
GlobalGetAtomNameW
SetComputerNameW
GetConsoleAliasExesLengthW
WriteConsoleInputW
CreateMailslotW
TzSpecificLocalTimeToSystemTime
MoveFileExA
DebugActiveProcess
GetStringTypeExW
EnumSystemLocalesA
GetConsoleAliasExesLengthA
FindActCtxSectionGuid
CopyFileA
ResetWriteWatch
GetPrivateProfileIntW
GetModuleHandleA
ProcessIdToSessionId
GetModuleFileNameW
GetConsoleAliasesLengthW
GlobalUnWire
FillConsoleOutputCharacterW
GetCompressedFileSizeW
SetThreadPriority
MapUserPhysicalPages
WriteConsoleOutputCharacterA
EnumDateFormatsW
QueryInformationJobObject
CreateFileA
GetDateFormatW
GetBinaryTypeW
RaiseException
GetCommandLineA
GetStartupInfoA
HeapValidate
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
HeapFree
VirtualFree
WriteFile
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapSize
HeapReAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
OutputDebugStringW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CloseHandle
FlushFileBuffers

user32

GetCaretBlinkTime

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e9155e61240efc293b2b80077b26959

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 148KB - Virtual size: 147KB

.data Size: 79KB - Virtual size: 331KB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: 148KB - Virtual size: 147KB

.data
Size: 79KB - Virtual size: 331KB

.rsrc
Size: 36KB - Virtual size: 36KB