098c9f39a3a0cb8dbfe3685311375f22

Sharing

Copy URL Twitter E-mail

General

Target

098c9f39a3a0cb8dbfe3685311375f22
Size

296KB
MD5

098c9f39a3a0cb8dbfe3685311375f22
SHA1

c5167ebb04a3f0d6527ba3007dd1d1d78c350ec0
SHA256

4db095b1d34624bd226a8b798149a3177720662fb9a879dbe544b20cc07dcfe0
SHA512

ec84cfd881f5b11a3232d7e85aa99ef0cec0e371cc8339a66f40ccd757817890d8b9522643b44e70076c12007cd5026fe482e55b3a985b63a18ec74638e09f21
SSDEEP

6144:En8J3LgCneOe8enj17fRcF2NMcLymBzBo5m4K6+TbbEaYB:EnugbOe8enjdfQ2Wcumdiq6qbbEaY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
098c9f39a3a0cb8dbfe3685311375f22

Files

098c9f39a3a0cb8dbfe3685311375f22
.exe windows:4 windows x86 arch:x86

b5f944d9797933dea181f1dbb004c945

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
GetModuleFileNameA
GetTempFileNameA
CopyFileA
CreateDirectoryA
DeleteFileA
GlobalAlloc
WinExec
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalDeleteAtom
GetTickCount
GlobalLock
GlobalUnlock
CloseHandle
MultiByteToWideChar
OpenFileMappingA
MapViewOfFile
CreateFileMappingA
GetLastError
UnmapViewOfFile
LocalLock
LocalAlloc
LocalUnlock
LocalFree
SizeofResource
GlobalReAlloc
LockResource
FindResourceA
LoadResource
GetProfileStringA
FreeResource
lstrcatA
GetStartupInfoA
GlobalAddAtomA
GetFileAttributesA
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
WriteFile
GetOEMCP
GetACP
GetCPInfo
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
CreateFileA
FlushFileBuffers
ReadFile
VirtualFree
HeapCreate
GlobalFree
HeapDestroy
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetModuleHandleA
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
GetProcAddress
LoadLibraryA
SetEndOfFile
HeapSize
VirtualAlloc

user32

UnpackDDElParam
FreeDDElParam
ShowWindow
SetWindowPos
MessageBoxA
LoadStringA
wsprintfA
IntersectRect
GetCursorPos
GetWindowRect
SetRect
IsWindow
GetDC
ReleaseDC
SendMessageA
DialogBoxParamA
MoveWindow
GetClientRect
EndDialog
DestroyCursor
SetTimer
KillTimer
InvalidateRect
SetCursor
PtInRect
LoadCursorA
GetAsyncKeyState
EndPaint
BeginPaint
SetDlgItemTextA
GetDlgItemTextA
CheckMenuItem
CopyRect
GetWindow
GetClassNameA
GetTopWindow
GetDesktopWindow
IsWindowVisible
GetWindowLongA
EnumWindows
GetUpdateRect
IsRectEmpty
UpdateWindow
PostMessageA
SetRectEmpty
UnionRect
LoadIconA
GetMessageA
FindWindowA
PostQuitMessage
SetClassWord
SetWindowTextA
DefWindowProcA
SetForegroundWindow
TrackPopupMenu
DestroyWindow
DestroyMenu
CreateWindowExA
LoadMenuA
GetSubMenu
RegisterClassA
OffsetRect
FillRect
SetWindowLongA
DispatchMessageA
TranslateMessage
EqualRect

gdi32

RealizePalette
GetObjectA
DeleteDC
DeleteObject
BitBlt
SetMapMode
SetBkColor
CreateCompatibleBitmap
CreateBitmap
GetMapMode
SelectObject
CreateCompatibleDC
GetPixel
GetStockObject
SetBkMode
GetDeviceCaps
CreateDIBitmap
CreatePalette
CreateSolidBrush
SelectClipRgn
CreateRectRgnIndirect
SetRectRgn
SelectPalette

comdlg32

GetOpenFileNameA

advapi32

RegQueryValueA
RegCloseKey
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

winmm

mciSendCommandA

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.grdata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b5f944d9797933dea181f1dbb004c945

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

winmm

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 21KB - Virtual size: 37KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 175KB - Virtual size: 174KB

.grdata Size: - Virtual size: 20KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 21KB - Virtual size: 37KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 175KB - Virtual size: 174KB

.grdata
Size: - Virtual size: 20KB