199f576f4d5ce4edb11789b95b0c4da3

Sharing

Copy URL Twitter E-mail

General

Target

199f576f4d5ce4edb11789b95b0c4da3
Size

1.6MB
MD5

199f576f4d5ce4edb11789b95b0c4da3
SHA1

48f5d236b729c84a62a75dfd48133d962b445354
SHA256

4af698f5e7cfbf20562e2320d441e2918f0062876cea4d1048ae66093c984c06
SHA512

64ac482cd863d2b4cb9c43da377491eb979b83bf48162ce3ef5a0572c1708714e066e6b9ace8ceef9f25b2aafe9b84b9a740b0532f06767a1094123b34ff53e2
SSDEEP

24576:MfTAch8FsE/k6/zapHbZBYSnA0toS0xzlrJsycSyjlm+izasDDVeyvRz:MfcXFsELzWd5Gllsy3yjlTizagJek

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
199f576f4d5ce4edb11789b95b0c4da3

Files

199f576f4d5ce4edb11789b95b0c4da3
.exe windows:4 windows x86 arch:x86

2033a1f71307f9eb8316bc1708b81d9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
TlsGetValue
GetProcessVersion
RaiseException
ExitProcess
GetStartupInfoA
GetCommandLineA
SetEnvironmentVariableA
SetErrorMode
SetCurrentDirectoryA
LocalReAlloc
SetStdHandle
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapReAlloc
HeapSize
LCMapStringA
TlsSetValue
HeapFree
GlobalReAlloc
HeapAlloc
TlsFree
InterlockedIncrement
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
CompareStringA
CompareStringW
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
SetFileAttributesA
GetTempPathA
DeleteFileA
WriteFile
ReadFile
GetFileSize
GlobalHandle
TlsAlloc
LocalAlloc
SizeofResource
GlobalFlags
MulDiv
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindFirstFileA
FindClose
GlobalAlloc
lstrcmpA
GetCurrentThread
LocalFree
GetVersion
lstrcatA
GetCurrentThreadId
GlobalAddAtomA
GetStringTypeA
GlobalGetAtomNameA
CopyFileA
SetFilePointer
lstrcmpiA
GetStringTypeW
lstrcpyA
GlobalFindAtomA
GetDiskFreeSpaceA
GlobalDeleteAtom
GlobalUnlock
GetModuleHandleA
GlobalLock
FindResourceA
GlobalFree
LockResource
InterlockedDecrement
LoadResource
MultiByteToWideChar
SetUnhandledExceptionFilter
CreateFileMappingA
MapViewOfFile
GetProcAddress
UnmapViewOfFile
SetVolumeLabelA
GetDriveTypeA
CreateDirectoryA
GetFileAttributesA
GetCurrentProcess
SetLastError
WaitForSingleObject
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrlenA
UnhandledExceptionFilter
FreeEnvironmentStringsA
LCMapStringW
GetModuleFileNameA
OpenProcess
LoadLibraryA
GetVersionExA
FreeLibrary
CloseHandle
TerminateProcess
GetProfileStringA
WideCharToMultiByte
GetLastError
CreateSemaphoreA
CreateFileA
Sleep
GetSystemDirectoryA

user32

PostQuitMessage
SetCursor
ValidateRect
TranslateMessage
GetDC
GetMessageA
CharUpperA
GetClassNameA
PtInRect
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
DestroyMenu
InflateRect
GetMenuCheckMarkDimensions
ReleaseDC
InvalidateRect
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
GetClientRect
CopyRect
GetCapture
MapWindowPoints
wsprintfA
GetMenuState
LoadBitmapA
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
LoadStringA
OemToCharA
PostMessageA
GetWindowThreadProcessId
GetCursorPos
WindowFromPoint
MessageBoxA
LoadIconA
IsWindow
IsWindowVisible
SetForegroundWindow
IsIconic
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
GetClassInfoA
RegisterClassA
GetTopWindow
WinHelpA
EnumWindows
EnableWindow
KillTimer
SetTimer
SendMessageA
GetSubMenu
GetDlgCtrlID
GetWindowTextA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

SetTextColor
SetBkColor
GetObjectA
CreateBitmap
PatBlt
DeleteObject
SelectObject
GetDeviceCaps
GetStockObject
DeleteDC
SaveDC
RestoreDC
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
IntersectClipRect
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateDIBitmap
CreateCompatibleDC
BitBlt
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPointA
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

shell32

Shell_NotifyIconA
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc

comctl32

ord17

wsock32

WSAStartup
WSACleanup

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2033a1f71307f9eb8316bc1708b81d9d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 16KB - Virtual size: 31KB

.rsrc Size: 16KB - Virtual size: 56KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 16KB - Virtual size: 31KB

.rsrc
Size: 16KB - Virtual size: 56KB