00d198dc32263356109606841c0fa8ab

Sharing

Copy URL Twitter E-mail

General

Target

00d198dc32263356109606841c0fa8ab
Size

98KB
MD5

00d198dc32263356109606841c0fa8ab
SHA1

c2bba3a6125c2291d688ced0ca9a38eeaa2134bb
SHA256

009978d454d213b175a6f0e2b3f141f8e4550c2e7ae2b2424160f7813dfbe420
SHA512

fb9e03ace2cfdb03c23b5408fd8881d19ba4d2473f7659bf96210a86fb549fe36098e3b114700f25057ba1606afc32d658abedb091059f3fed0251772bdec843
SSDEEP

1536:sFKMz7PqF9uUEsdhzvlo3Yh/9AYkLq+XJATNEbuKvtotr:sF3TqF9uUEoZoIh/9W5ABTKvtotr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00d198dc32263356109606841c0fa8ab

Files

00d198dc32263356109606841c0fa8ab
.exe windows:5 windows x86 arch:x86

f154b8f39109b2ba81f2c28f4163121a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueW

comctl32

ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Create
ImageList_AddMasked
CreateStatusWindowA
DestroyPropertySheetPage

advapi32

RegOpenKeyW
InitializeAcl
RegDeleteValueW

kernel32

GetFileTime
ExitProcess
VirtualAlloc

msvcrt

_except_handler3
wprintf
isxdigit
towlower
_itow
wcscpy
wcscmp
_osver
_fullpath
_mbscmp
__p__commode
_fileno
_sopen
div
_mbsnbcpy
fseek
time
_write
isalnum
__setusermatherr
_lock

gdi32

CreateDIBSection
CreateBitmapIndirect
SetLayout
ExtTextOutA
GetDCOrgEx
LineTo
GetDIBits
SetROP2
PlayMetaFileRecord
SelectPalette
GetBitmapBits
GetPixel
EndDoc
EnumMetaFile
FillRgn
GetRgnBox
GetDeviceCaps
CreateDCW
GetPaletteEntries
ExtTextOutW
EndPage
OffsetRgn
CreateFontIndirectA
GetObjectType
CreateSolidBrush
GetNearestColor
SetWindowExtEx
GetObjectW
SetViewportOrgEx
GetTextColor
DeleteDC
GetTextExtentPointA
GetCurrentObject
PolyBezierTo
CreateBrushIndirect
CreatePalette
SetWinMetaFileBits
StartDocA
TextOutA
CreateMetaFileW
DeleteEnhMetaFile
GetEnhMetaFileBits
GetBkMode
OffsetViewportOrgEx
GetTextExtentPoint32W
AngleArc
BitBlt

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 31KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f154b8f39109b2ba81f2c28f4163121a

Headers

File Characteristics

Imports

version

comctl32

advapi32

kernel32

msvcrt

gdi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 31KB - Virtual size: 77KB

.idata Size: 14KB - Virtual size: 32KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 31KB - Virtual size: 77KB

.idata
Size: 14KB - Virtual size: 32KB

.rsrc
Size: 20KB - Virtual size: 19KB