9463ccf9a70b4d3d9492a23fd43a1be10b8581ecd0f362e04370ca9ca130b254

Sharing

Copy URL

Twitter E-mail

General

Target

9463ccf9a70b4d3d9492a23fd43a1be10b8581ecd0f362e04370ca9ca130b254
Size

3.9MB
MD5

f2c9fe1b69bd834b4fcfa73dc7985810
SHA1

60e7ff693eb86ad79d02349d7986815729508621
SHA256

9463ccf9a70b4d3d9492a23fd43a1be10b8581ecd0f362e04370ca9ca130b254
SHA512

7fd067a9af4b8c9902128d55e1734ca629ec5fa058cf86f76386b019adb628ddaa4ef6d7a3b25e9d78d97c7383269a1869d4089ab24ce7c1d547e44ef5b52008
SSDEEP

98304:1Gk07ZIJ1vVlLDCmvDE5oHdHjD2K7wwY/2eeVcqL1ew6nSCAq2J1/ICiJfX:Zwrj4cqL1ew6SCAq2J1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9463ccf9a70b4d3d9492a23fd43a1be10b8581ecd0f362e04370ca9ca130b254

Files

9463ccf9a70b4d3d9492a23fd43a1be10b8581ecd0f362e04370ca9ca130b254
.exe windows:6 windows x86 arch:x86

5d23b090d3d3285dd87402415d155ab1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InitializeCriticalSection
SetEvent
WaitForSingleObject
SleepEx
CreateMutexA
CreateEventA
OpenEventA
CreateThread
GetCurrentThreadId
GetTickCount64
CloseHandle
ExitProcess
GetTickCount
ResetEvent
ReleaseMutex
SignalObjectAndWait
FreeLibrary
GetProcAddress
GetLastError
MapViewOfFile
UnmapViewOfFile
OpenMutexA
OpenFileMappingA
WinExec
EnterCriticalSection
LeaveCriticalSection
QueueUserAPC
WaitForMultipleObjects
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
DeleteCriticalSection
OpenThread
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryA
GetFullPathNameA
GetCurrentDirectoryA
CreateFileMappingA
MoveFileExW
DeleteFileW
CreateProcessW
DuplicateHandle
GetTempPathW
LoadLibraryExA
GetModuleFileNameA
SetEndOfFile
CreateFileW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
FormatMessageA
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
CompareStringEx
GetCPInfo
GetSystemTimeAsFileTime
GetModuleHandleW
GetStringTypeW
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RaiseException
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
HeapAlloc
HeapValidate
GetSystemInfo
GetModuleFileNameW
GetModuleHandleExW
ReadFile
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetProcessHeap
GetFileType
OutputDebugStringW
WriteConsoleW
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileSizeEx
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetFileAttributesExW
FlushFileBuffers
GetConsoleOutputCP
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
CreatePipe

user32

GetWindowTextA
GetWindowThreadProcessId
EnumWindows
MessageBoxA
SendMessageA
GetWindowPlacement

shell32

ShellExecuteExA

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d23b090d3d3285dd87402415d155ab1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.rdata Size: 428KB - Virtual size: 427KB

.data Size: 6KB - Virtual size: 66KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 3.5MB - Virtual size: 3.5MB

.rdata
Size: 428KB - Virtual size: 427KB

.data
Size: 6KB - Virtual size: 66KB

.rsrc
Size: 1KB - Virtual size: 1KB