9b67914768477c27bfec54e79955674d878e6489abc21344f13166ca9446c9a4[.]exe

General

Target

9b67914768477c27bfec54e79955674d878e6489abc21344f13166ca9446c9a4.exe
Size

111KB
MD5

ce1c2378b676d5911eddc3758624c976
SHA1

c22076d3747e231f12b5773dd825b9dbf7231ac6
SHA256

9b67914768477c27bfec54e79955674d878e6489abc21344f13166ca9446c9a4
SHA512

a575b4cb25220bba8792bb0dc9f0feb9d3241d4a01c487bcfb6af45fe2ad380ab42525be345269f4eec130d4a0faba63e7cf2766c3f71664b287b9820827d10a
SSDEEP

3072:SwUYPGG9eAoHSwMm8KzF6N0dKMW+Wb+EyjOIpiAAiLF:SwUYz93oHSHBnyWj+EfIEwR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b67914768477c27bfec54e79955674d878e6489abc21344f13166ca9446c9a4.exe

Files

9b67914768477c27bfec54e79955674d878e6489abc21344f13166ca9446c9a4.exe
.exe windows:4 windows x86 arch:x86

535f8cb7436cafe2e0350157dbe6d531

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA

ws2_32

send
accept

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
??3@YAXPAX@Z
_acmdln
exit
_XcptFilter
_exit
free
_except_handler3
strcmp
rand
strlen
atoi
memcpy
memset
strcpy
strtok
??2@YAPAXI@Z
getenv
strcat

kernel32

GetStartupInfoA
AllocConsole
WriteConsoleA
lstrcmpiA
GetCurrentProcess
GetModuleHandleA
ReadProcessMemory
Sleep
GetModuleFileNameW
lstrlenW
WriteProcessMemory
GetCommandLineA
OutputDebugStringA
LoadLibraryA
GetProcAddress
lstrcpyA
CreateMutexA
GetLastError
lstrcmpA
lstrcatA
CreateThread
WaitForSingleObject
ExitProcess
lstrlenA
GetModuleFileNameA

user32

TranslateMessage
GetWindowRect
GetMessageA
TrackPopupMenu
GetWindowLongA
CreateMenu
MessageBoxW
KillTimer
IsWindow
EnableMenuItem
MessageBoxA

gdi32

CreateCompatibleDC
SelectObject
CreateDCA
CreateDIBitmap
SelectPalette
DeleteObject

comdlg32

GetSaveFileNameA

shell32

ShellExecuteExA
Shell_NotifyIconA

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

535f8cb7436cafe2e0350157dbe6d531

Headers

File Characteristics

Imports

version

ws2_32

msvcrt

kernel32

user32

gdi32

comdlg32

shell32

ole32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 41KB - Virtual size: 44KB

.rsrc Size: 49KB - Virtual size: 48KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 41KB - Virtual size: 44KB

.rsrc
Size: 49KB - Virtual size: 48KB