f998e1884f58d6a4f4410f8b7951a015

Sharing

Copy URL Twitter E-mail

General

Target

f998e1884f58d6a4f4410f8b7951a015
Size

199KB
MD5

f998e1884f58d6a4f4410f8b7951a015
SHA1

b35e958852b29516880ebb3af9e834f9886076eb
SHA256

a1e104f184c03ae1f5a462059cca0ad9273c22ef97f6b591596700527399ac77
SHA512

101cc121cb3fad3519f577ef41571bb26760a329b03cbaffcf7e213b37e61e891f86611c31f6928929eefb3e5ae9345fd8a35c9443e07eaa109362f52d89d02b
SSDEEP

6144:+0VeJgUTOTkrBEoKQnCGTJCGkZvoJ5+U1rhUJKNK:+q0RTOoVEOnd0GkZQJ5RjK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f998e1884f58d6a4f4410f8b7951a015

Files

f998e1884f58d6a4f4410f8b7951a015
.exe windows:4 windows x86 arch:x86

d686764ebe5ecb2b4a431982e67c5823

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
GetEnvironmentVariableW
GetNumberFormatW
ExpandEnvironmentStringsW
GetUserDefaultLCID
GetShortPathNameW
GetProcessHeap
GetSystemDirectoryA
GetCurrentProcessId
GlobalFindAtomA
IsValidCodePage
GetLogicalDrives
DeleteAtom
lstrcmp
AddAtomW
OpenSemaphoreA
CopyFileA
HeapCreate
IsValidLocale
BeginUpdateResourceA
LoadLibraryA
GetCalendarInfoW
OpenWaitableTimerW
GetLocaleInfoA
lstrcpy
LoadLibraryW
GetProcAddress
CreateMailslotA
GetCurrentDirectoryW
FreeLibrary
GetDateFormatA
GetTempFileNameW
GetStartupInfoA
GetNumberFormatA

user32

GetClassInfoExW
PeekMessageA
CreateAcceleratorTableW
GetMenuItemID
GetDesktopWindow
GetMenuItemRect
MonitorFromWindow
SetTimer
GetAsyncKeyState
wvsprintfA
FindWindowW
MessageBoxIndirectW
RegisterWindowMessageW
SetDlgItemTextA
GetMenuItemCount
UnregisterClassW
GetSystemMetrics
WinHelpW
IsDlgButtonChecked
CharPrevW
DefWindowProcW
RemoveMenu
TrackPopupMenu
GetForegroundWindow
GetMessageA
EnableMenuItem
LoadMenuA
SendDlgItemMessageW
CreatePopupMenu
wvsprintfW
LoadCursorA
CreateDesktopA
CharNextA

gdi32

CreateMetaFileA
CreateRectRgn
UpdateICMRegKeyW
GetEnhMetaFileA
CreateMetaFileW
RemoveFontResourceA
CreateColorSpaceW
RemoveFontResourceExW
TranslateCharsetInfo
GetTextExtentPointA

opengl32

glIndexiv
glVertex3iv
glLighti
glColor4us

ws2_32

sendto
gethostname
WSADuplicateSocketA
WSASendTo
WSAConnect

winmm

joySetCapture
mciFreeCommandResource
DriverCallback
OpenDriver
midiOutGetErrorTextA
midiOutReset

inetcomm

EssSignCertificateDecodeEx
HrAttachDataFromBodyPart
MimeOleUnEscapeStringInPlace
EssSignCertificateEncodeEx
MimeOleInetDateToFileTime
HrAttachDataFromFile
MimeOleGetCodePageCharset
MimeOleGetPropA
MimeOleGetFileExtension
MimeOleSetCompatMode
MimeOleAlgStrengthFromSMimeCap
MimeOleGetCertsFromThumbprints
EssMLHistoryDecodeEx
CreateRASTransport
HrSaveAttachToFile
CreatePOP3Transport

Sections

.H
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UDMHgm
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZIz
Size: 512B - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dB
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ryaRDd
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SanSi
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Lh
Size: 13KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HbtVWS
Size: 1024B - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d686764ebe5ecb2b4a431982e67c5823

Headers

File Characteristics

Imports

kernel32

user32

gdi32

opengl32

ws2_32

winmm

inetcomm

Sections

.H Size: 1KB - Virtual size: 1KB

.UDMHgm Size: 85KB - Virtual size: 84KB

.ZIz Size: 512B - Virtual size: 105KB

.dB Size: 13KB - Virtual size: 13KB

.ryaRDd Size: 3KB - Virtual size: 8KB

.SanSi Size: 85KB - Virtual size: 84KB

.Lh Size: 13KB - Virtual size: 284KB

.HbtVWS Size: 1024B - Virtual size: 263KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.H
Size: 1KB - Virtual size: 1KB

.UDMHgm
Size: 85KB - Virtual size: 84KB

.ZIz
Size: 512B - Virtual size: 105KB

.dB
Size: 13KB - Virtual size: 13KB

.ryaRDd
Size: 3KB - Virtual size: 8KB

.SanSi
Size: 85KB - Virtual size: 84KB

.Lh
Size: 13KB - Virtual size: 284KB

.HbtVWS
Size: 1024B - Virtual size: 263KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B