1a99a092b1647042b588ebc6a3a64196

Sharing

Copy URL

Twitter E-mail

General

Target

1a99a092b1647042b588ebc6a3a64196
Size

292KB
MD5

1a99a092b1647042b588ebc6a3a64196
SHA1

612a5542e3fe5661a38c5aa9c19e16a23cd52ad4
SHA256

e38e4f6ac6c381186068dadd57fd04b8df0e86d7f0e7fca8b39a46d36cca27f9
SHA512

009b11416e7942235bd27c7b52f08e907858c82daf5488d6d08c559d6d6bd600582c6ca189cb423588d621383616fe37aa1006e61e8c0a8ae4b836ea6a111b6f
SSDEEP

6144:3L6+cmUL3gKpxIHmg27F5O84oEBjg2tTf9VwRu:3L6+ly3xIj27FV4bRQs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a99a092b1647042b588ebc6a3a64196

Files

1a99a092b1647042b588ebc6a3a64196
.exe windows:4 windows x86 arch:x86

39fd9c4ede4cf67364b61bd6ee17355a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
GetLastError
CreatePipe
ReadFile
PeekNamedPipe
WaitForSingleObject
GlobalFree
GlobalUnlock
GlobalHandle
GetCommandLineW
GetCommandLineA
LoadLibraryW
GetModuleHandleW
GetVersionExA
GetCurrentProcess
GetCurrentThread
GetProcAddress
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameA
CreateThread
GetEnvironmentVariableA
SetEndOfFile
SetFilePointer
UnmapViewOfFile
CreateProcessA
GetStdHandle
GetFileSize
CreateFileA
lstrcatA
GetWindowsDirectoryA
GetShortPathNameA
CreateDirectoryA
DeleteFileA
SleepEx
GetTempFileNameA
GetFileAttributesA
GetTempPathA
GetDiskFreeSpaceA
WideCharToMultiByte
SetEnvironmentVariableA
GetDriveTypeA
GetLogicalDriveStringsA
RemoveDirectoryA
SetFileAttributesA
GetTickCount
ResumeThread
SetPriorityClass
SetThreadPriority
MoveFileExA
LocalFree
FormatMessageA
Sleep
CreateFileMappingA
MapViewOfFile
SetConsoleCtrlHandler
GetModuleHandleA
SetCurrentDirectoryA
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
SetStdHandle
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LoadLibraryA
GetTimeZoneInformation
GetStartupInfoA
CloseHandle
GetVersion
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
LCMapStringA
MultiByteToWideChar
LCMapStringW
HeapReAlloc
TerminateProcess
HeapSize
SetHandleCount
WriteFile
GetFileType
SetUnhandledExceptionFilter
FatalAppExitA
FlushFileBuffers
EnterCriticalSection
DeleteCriticalSection
CompareStringW
CompareStringA
GetLocaleInfoW
RtlUnwind
RaiseException
InterlockedDecrement
InterlockedIncrement
GetCurrentDirectoryA
GetEnvironmentStrings
GetEnvironmentStringsW
TlsSetValue
LeaveCriticalSection
ExitProcess
HeapAlloc
HeapFree
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
InitializeCriticalSection

user32

DispatchMessageW
ExitWindowsEx
DispatchMessageA
TranslateMessage
GetWindowRect
LoadStringA
wsprintfA
MoveWindow
GetParent
GetSystemMetrics
DestroyWindow
DefWindowProcA
DefWindowProcW
CreateWindowExA
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
KillTimer
PostMessageA
SetWindowTextA
GetWindowTextA
MessageBoxA
IsWindowVisible
EnableWindow
SetTimer
ShowWindow
GetDlgItem
SendMessageA
SetDlgItemTextA
GetMessageA
GetMessageW
IsDialogMessageA
CreateDialogParamA
PostQuitMessage
IsWindow

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
CommandLineToArgvW

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39fd9c4ede4cf67364b61bd6ee17355a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 116KB - Virtual size: 115KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 116KB - Virtual size: 115KB