0c99912c05ea3272859245fb82474299

Sharing

Copy URL Twitter E-mail

General

Target

0c99912c05ea3272859245fb82474299
Size

556KB
MD5

0c99912c05ea3272859245fb82474299
SHA1

f397d925306142d3a22188c54699bd07ff5bd211
SHA256

36de9feca1bfcb0362c437c594bdfe8cc2b00cf83695749fe27642ced457ebd2
SHA512

07916ee624821732205c98984fc9b2d2f5bf69f6c26d4d53035eda3a13fc5bdbe5efa1e87a8da270c4156b2d2bf16d7a68e538ca717cdf63757f492a49aebe3b
SSDEEP

12288:o7/IACI1w6c0G7pI0yngyYPKfTpdDGhzIJv/:yTm6c0II7nmcfay

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c99912c05ea3272859245fb82474299

Files

0c99912c05ea3272859245fb82474299
.exe windows:4 windows x86 arch:x86

7ecac4a1ab4528ee48fec7b48bb6924f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharAlphaNumericA
CallWindowProcA
ShowWindow
DestroyWindow
CopyIcon
RemovePropA
GetForegroundWindow
RegisterClassExA
EndTask
GetMenuCheckMarkDimensions
GetClipboardSequenceNumber
RegisterClassA
GetKBCodePage
GetCaretBlinkTime
PeekMessageA
InvalidateRect
VkKeyScanExW
CharUpperBuffW
GetMenuState
CharPrevA
LoadCursorFromFileW
CreateMenu
IsCharAlphaA
GetListBoxInfo
GetClassNameW
ShowCaret
GetKeyboardLayout
ClipCursor
MessageBoxIndirectW
ToUnicodeEx
MonitorFromRect
RegisterHotKey
DdeCreateDataHandle
RemovePropW
GetMenuInfo
CreateCursor
AppendMenuA
DefWindowProcW
CreateDialogParamA
MessageBoxW
TranslateAcceleratorA
GetWindowTextA
GetAncestor
GetQueueStatus
CreateCaret
WINNLSGetIMEHotkey
SwitchDesktop
CharNextExA
InternalGetWindowText
IsWindowUnicode
CharLowerW
GetKeyboardLayoutNameW
EnumDisplaySettingsW
ReleaseDC
SetCursorPos
DispatchMessageW
DdeNameService
CreateWindowExA
SetUserObjectInformationW

kernel32

GetStartupInfoW
GetFileType
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetLocaleInfoW
GetCurrentThread
EnumTimeFormatsW
GetACP
GetModuleFileNameA
GetTimeFormatA
GetSystemTimeAsFileTime
IsValidLocale
GetCurrentProcess
WideCharToMultiByte
HeapFree
GetCurrentProcessId
HeapCreate
SetEnvironmentVariableA
VirtualProtect
GetCommandLineA
GetStringTypeW
GetLastError
LCMapStringW
GetModuleFileNameW
GetCPInfo
HeapDestroy
EnumSystemLocalesA
GetStringTypeA
OpenMutexA
TlsAlloc
TlsFree
GetPrivateProfileStringW
CreateEventA
ExitProcess
DeleteCriticalSection
SetLastError
GetCommandLineW
GetModuleHandleA
FreeEnvironmentStringsA
HeapAlloc
GetOEMCP
GetLocaleInfoA
VirtualQuery
GetTimeZoneInformation
MultiByteToWideChar
TlsSetValue
GetTickCount
TlsGetValue
LeaveCriticalSection
CreateMutexA
GetStartupInfoA
CloseHandle
WriteConsoleOutputAttribute
SetHandleCount
CompareStringW
GetCurrentThreadId
GetProcAddress
IsBadWritePtr
InterlockedExchange
GlobalFindAtomA
EnterCriticalSection
CompareStringA
SetFilePointer
LCMapStringA
SetStdHandle
IsValidCodePage
GetDateFormatA
FlushFileBuffers
GetSystemInfo
GetVersionExA
QueryPerformanceCounter
VirtualAlloc
ReadFile
HeapSize
GetEnvironmentStringsW
RtlUnwind
VirtualFree
InitializeCriticalSection
GetStdHandle
GetEnvironmentStrings
TerminateProcess
WriteFile
GetUserDefaultLCID
LoadLibraryA

gdi32

FillRgn
GdiGetBatchLimit
GetObjectType
GetDeviceGammaRamp
GetObjectA
GetTextExtentPointA
SetColorAdjustment
PolylineTo
RectVisible
SetMapMode
GetTextMetricsA
EqualRgn
SetFontEnumeration
GetEnhMetaFileBits

advapi32

RegCreateKeyW
RegEnumKeyExA
CryptAcquireContextW
RevertToSelf
RegQueryInfoKeyW
RegOpenKeyA
CryptImportKey
InitiateSystemShutdownA
CryptCreateHash
CryptGenRandom
CryptSetProvParam
CryptDestroyHash
CryptExportKey
RegCloseKey
CryptSetProviderW
CryptDestroyKey
ReportEventA
RegOpenKeyExA
CryptSetProviderExA

comctl32

ImageList_Create
GetEffectiveClientRect
ImageList_Replace
InitCommonControlsEx
ImageList_GetBkColor
CreateToolbar
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_Remove
ImageList_LoadImageW
ImageList_GetIconSize
ImageList_SetDragCursorImage
ImageList_GetImageInfo
ImageList_LoadImage
CreateStatusWindowA
CreatePropertySheetPageA

comdlg32

ReplaceTextW
ReplaceTextA

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ecac4a1ab4528ee48fec7b48bb6924f

Headers

File Characteristics

Imports

user32

kernel32

gdi32

advapi32

comctl32

comdlg32

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 112KB - Virtual size: 122KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 112KB - Virtual size: 122KB

.rsrc
Size: 20KB - Virtual size: 16KB