9902fbc3649cea6d8d4524087cadf497a79ba28d112d319b18638371608f5365[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9902fbc3649cea6d8d4524087cadf497a79ba28d112d319b18638371608f5365.exe
Size

140KB
MD5

1af81fe3fb1fa2531e0ebc9e97979785
SHA1

b715ef91c5611fee9e5357767e11422f37a68ba0
SHA256

9902fbc3649cea6d8d4524087cadf497a79ba28d112d319b18638371608f5365
SHA512

b3c44bdd0152ac617ceeb2bda3f195fbdc7d49be150e065c1e56984ba1895969846550ea9be409f2e1d117d4cddeb325be788fa144b717d88eace64d7defd746
SSDEEP

1536:rBC8cGhP4h1QlBR5szrAMty3KntgmaGSR1EbsQI1mhiMBUroMhFP:rBC81V4Iz0r7ty3KlaPEbsQIxrDfP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9902fbc3649cea6d8d4524087cadf497a79ba28d112d319b18638371608f5365.exe

Files

9902fbc3649cea6d8d4524087cadf497a79ba28d112d319b18638371608f5365.exe
.dll windows:4 windows x86 arch:x86

1dd8cd43b684daaa7a1f5222e01e66d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

d3d9

Direct3DCreate9

kernel32

LoadLibraryW
FreeLibrary
VerifyVersionInfoW
VerSetConditionMask
Sleep
GetModuleHandleW
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetProcAddress
GetStdHandle
HeapAlloc
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
GetModuleHandleA
ExitProcess
WriteFile
GetModuleFileNameA
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
RtlUnwind
LoadLibraryA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
GetLocaleInfoA

user32

DestroyWindow
RegisterClassExW
CreateWindowExW
UnregisterClassW
ReleaseDC
GetClientRect
GetDC
DefWindowProcW
ShowWindow

gdi32

GetStockObject
DeleteDC
CreateCompatibleDC

Exports

Exports

ULPSCheck
ULPSClose
ULPSCloseD3D
ULPSOpen
ULPSWait

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1dd8cd43b684daaa7a1f5222e01e66d5

Headers

File Characteristics

Imports

d3d9

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 8KB - Virtual size: 5KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 8KB - Virtual size: 5KB

.rmnet
Size: 60KB - Virtual size: 60KB