049a24c142ef399ce1ae8eb0c744d86bfc0bca9e2eb818416bba7cf3584b1b79

Sharing

Copy URL Twitter E-mail

General

Target

049a24c142ef399ce1ae8eb0c744d86bfc0bca9e2eb818416bba7cf3584b1b79
Size

11.7MB
MD5

06375272455a2494da637aff9170fa08
SHA1

32817b7e70d6798d52f32290d7b0f479e87c7ecc
SHA256

049a24c142ef399ce1ae8eb0c744d86bfc0bca9e2eb818416bba7cf3584b1b79
SHA512

10a7e7a40e7bcd2cd83c903b59389dd530137bb00ed4aa7b3e101602a9ee03e4281b46fcbcd00b286dc870c8933b1a5bcbe03c129572cebdab4b68b339d530a1
SSDEEP

196608:JMgoJFbUK6Vf9Lk3c+oxU8lxe4hoZaBOpw8vYQx5UKSWg:JMgyFbmlLr+oS2xe4hB2VvvdSWg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
049a24c142ef399ce1ae8eb0c744d86bfc0bca9e2eb818416bba7cf3584b1b79

Files

049a24c142ef399ce1ae8eb0c744d86bfc0bca9e2eb818416bba7cf3584b1b79
.exe windows:4 windows x86 arch:x86

80e4770c523c039b2b1e81f329831b04

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

toolkitpro1201vc60

?GetImageManager@CXTPTaskPanel@@QBEPAVCXTPImageManager@@XZ

mfc42

ord2024

msvcrt

__RTtypeid

kernel32

WideCharToMultiByte
VirtualQuery
VirtualProtect
EnterCriticalSection
LeaveCriticalSection
GetTickCount64
LoadLibraryA
GetCurrentThreadId
GetModuleFileNameA
GetLastError
GetModuleHandleA
GetProcAddress
SuspendThread
ResumeThread
ExitProcess
Thread32Next
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
OpenThread
CloseHandle
GetThreadId
TerminateThread
WaitForSingleObject
CreateThread
WakeConditionVariable
GetProcessHeap
HeapAlloc
HeapFree
OpenProcess
ReadProcessMemory
GetSystemInfo
TlsGetValue
GetCurrentProcess
TerminateProcess
TlsSetValue
InitializeConditionVariable
InitializeCriticalSection
GetCommandLineA
CreateEventA
GetModuleHandleW
GetModuleFileNameW
SleepConditionVariableCS
TlsFree
LocalAlloc
TlsAlloc
LocalFree
IsWow64Process
FormatMessageA
HeapReAlloc
GetCurrentThread
VirtualAlloc
GetThreadContext
VirtualFree
IsDebuggerPresent
ResetWriteWatch
GetWriteWatch
GetTickCount
GetACP
GetOEMCP
GetThreadLocale
GetSystemDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultLangID
GetSystemDefaultLCID
GetThreadUILanguage
PostQueuedCompletionStatus
SetLastError
GetFileType
QueryDosDeviceW
ReleaseMutex
FlushViewOfFile
CreateMutexA
UnmapViewOfFile
FreeLibrary
Module32First
GetCurrentDirectoryA
Module32Next
GetModuleHandleExA
CreateFileMappingA
WriteProcessMemory
InterlockedCompareExchange
InterlockedIncrement
SetThreadPriority
OutputDebugStringA
InterlockedExchangeAdd
OpenMutexA
InterlockedDecrement
CreateFileA
WriteFile
ReadFile
DeviceIoControl
GetVolumeInformationA
GetEnvironmentVariableA
GetSystemTime
SystemTimeToFileTime
CreateProcessW
GetEnvironmentVariableW
GetExitCodeThread
CreateFileW
GetProcessTimes
GetFileInformationByHandle
WideCharToMultiByte
GetVersionExA
DuplicateHandle
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
FindFirstFileW
SetErrorMode
GetVersion
GetLocalTime
FindFirstFileA
GetFileSize
FindNextFileA
GetComputerNameExW
LoadLibraryExA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTimeZoneInformation
CreateDirectoryW
SwitchToFiber
ConvertThreadToFiber
DeleteFiber
FlushFileBuffers
GetLogicalDrives
GetDriveTypeA
DeleteFileW
RemoveDirectoryW
CreateSemaphoreA
SearchPathA
OpenSemaphoreA
ReleaseSemaphore
SetFilePointerEx
SwitchToThread
GetComputerNameW
MultiByteToWideChar
SetFileAttributesW
FindNextFileW
MoveFileExW
DefineDosDeviceA
QueryDosDeviceA
SetEndOfFile
GetExitCodeProcess
CreateProcessA
OpenFileMappingA
HeapSize
ReadConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
IsValidCodePage
FindFirstFileExW
FindClose
SetEvent
MapViewOfFile
Sleep
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwind
InterlockedFlushSList
RaiseException
LoadLibraryExW
GetStdHandle
GetModuleHandleExW
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
GetFileSizeEx
WriteConsoleW

user32

GetWindowRect
UnhookWindowsHookEx
SetWindowsHookExA
SendMessageA
MessageBoxA
EnumWindows
ShowWindow
GetDlgItem
CallNextHookEx
GetWindowThreadProcessId

gdi32

CreateCompatibleDC

shell32

ShellExecuteA

comctl32

ImageList_BeginDrag

ole32

CoUninitialize

olepro32

ord251

oleaut32

VariantCopy

msvcirt

??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

sentinelkeyw

SFNTGetLicense

hasp_windows_112851

ord8

advapi32

RegisterEventSourceA
DeregisterEventSource

Sections

.text
Size: 824KB - Virtual size: 823KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.merged
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

80e4770c523c039b2b1e81f329831b04

Headers

File Characteristics

Imports

toolkitpro1201vc60

mfc42

msvcrt

kernel32

user32

gdi32

shell32

comctl32

ole32

olepro32

oleaut32

msvcirt

msvcp60

sentinelkeyw

hasp_windows_112851

advapi32

Sections

.text Size: 824KB - Virtual size: 823KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 172KB - Virtual size: 181KB

.idata Size: 32KB - Virtual size: 31KB

.rsrc Size: 4.9MB - Virtual size: 4.9MB

.reloc Size: 76KB - Virtual size: 73KB

.merged Size: 5.7MB - Virtual size: 5.7MB

.text
Size: 824KB - Virtual size: 823KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 172KB - Virtual size: 181KB

.idata
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 4.9MB - Virtual size: 4.9MB

.reloc
Size: 76KB - Virtual size: 73KB

.merged
Size: 5.7MB - Virtual size: 5.7MB