137e99284b1be0dddcb95ecce94f1a99

Sharing

Copy URL Twitter E-mail

General

Target

137e99284b1be0dddcb95ecce94f1a99
Size

752KB
MD5

137e99284b1be0dddcb95ecce94f1a99
SHA1

dcc60925ab5d21b1e0df57fb1e626f1e848e309f
SHA256

ad1f3db166c43a670efc82913267670b1bfd065a38a2278c815f0ead3b11f98b
SHA512

2675df791b000162552208296e1d54cd2d843aca1d7f45267d53151f5a53dd75add08cd304c850ebf3b2f2113d06294a0636e7a2ce5f99194452999f3d63e0f3
SSDEEP

12288:sN8Msj9o5MVOGKXhpdAkDgH8g4bbP8RfDtCf63t1BmCTUDrm:oY9DVKXXXg4bbPUG63QC/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
137e99284b1be0dddcb95ecce94f1a99

Files

137e99284b1be0dddcb95ecce94f1a99
.exe windows:4 windows x86 arch:x86

ca9eff4b42e7d5d7da05a30a4ff8a614

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
PulseEvent
GetLastError
CloseHandle
CreateMutexA
GetTimeFormatA
GetCurrentProcess
LCMapStringW
LCMapStringA
WriteConsoleA
VirtualQuery
InitializeCriticalSectionAndSpinCount
IsValidCodePage
FreeEnvironmentStringsW
CompareStringW
VirtualFree
GetConsoleCP
GetSystemTimeAsFileTime
GetOEMCP
Sleep
GetCurrentThreadId
GetThreadPriority
WideCharToMultiByte
EnumSystemLocalesA
GetStdHandle
InterlockedDecrement
CreateThread
OutputDebugStringW
DeleteCriticalSection
HeapAlloc
GetStringTypeA
VirtualAlloc
SetHandleCount
GetEnvironmentStringsW
InterlockedExchange
GetConsoleOutputCP
IsValidLocale
RtlUnwind
GetLocaleInfoW
GetLocaleInfoA
HeapSize
GetProcAddress
WritePrivateProfileStructA
TerminateProcess
InterlockedIncrement
SetConsoleCtrlHandler
SetStdHandle
WriteFile
TlsSetValue
GetModuleHandleA
GetStartupInfoA
GetFileType
ExitProcess
OpenMutexA
MultiByteToWideChar
HeapDestroy
GetUserDefaultLCID
QueryPerformanceCounter
GetModuleFileNameA
FreeEnvironmentStringsA
GetFileAttributesExA
CompareStringA
IsDebuggerPresent
GetModuleHandleW
HeapFree
GetCurrentProcessId
WriteConsoleOutputCharacterW
GetTimeZoneInformation
GetCPInfo
GetConsoleMode
LeaveCriticalSection
GetCurrentThread
SetUnhandledExceptionFilter
TlsGetValue
ReadConsoleA
lstrcat
GetEnvironmentStrings
SetLastError
FlushFileBuffers
GetTickCount
FreeLibrary
GetACP
SetFilePointer
GetNamedPipeInfo
TlsAlloc
GetCommandLineA
WriteConsoleW
CreateFileA
TlsFree
LoadLibraryA
GetStringTypeW
HeapReAlloc
EnterCriticalSection
HeapCreate
GetDateFormatA
ReadFile
SetEnvironmentVariableA

comctl32

InitCommonControlsEx
ImageList_Draw
ImageList_Copy
_TrackMouseEvent
ImageList_SetImageCount
ImageList_Read
ImageList_Merge

user32

MonitorFromWindow
RegisterWindowMessageW
InternalGetWindowText
DdeReconnect
BringWindowToTop
GetDC
EnumDesktopWindows
DdeQueryConvInfo
ChildWindowFromPointEx
DdeCmpStringHandles
OemToCharBuffA
DrawMenuBar
IsIconic
SendIMEMessageExW
GrayStringA
GetClassNameW
PeekMessageW
MsgWaitForMultipleObjectsEx
ChangeMenuA
CharToOemA
BeginDeferWindowPos
RegisterClassExA
ClipCursor
GetWindowTextW
CreateMenu
SetDeskWallpaper
CallMsgFilterW
PostThreadMessageA
RegisterHotKey
GetCaretBlinkTime
DdeCreateStringHandleA
MonitorFromRect
DrawEdge
CreateAcceleratorTableA
GetMenuItemRect
GetUserObjectInformationW
RegisterClassA
DrawStateA
EndPaint
CreateIconFromResourceEx
GetMonitorInfoA
AnyPopup
LoadStringW
IsCharAlphaNumericA
EnumDisplaySettingsW
DlgDirListW
DdeAddData
IsCharAlphaNumericW
IsCharAlphaA
SetWindowLongA
KillTimer
CreateCursor
EndDeferWindowPos
OpenInputDesktop
WaitMessage
SetCapture
GetGuiResources

wininet

InternetGetCookieA
FtpGetFileEx
InternetDial

advapi32

CryptVerifySignatureA
RegDeleteValueW
CryptSetProviderExW
GetUserNameW
RegDeleteValueA
LookupPrivilegeValueW
CryptEnumProviderTypesA
InitializeSecurityDescriptor
InitiateSystemShutdownW
AbortSystemShutdownA
RegOpenKeyW

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 400KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca9eff4b42e7d5d7da05a30a4ff8a614

Headers

File Characteristics

Imports

kernel32

comctl32

user32

wininet

advapi32

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 400KB - Virtual size: 398KB

.data Size: 136KB - Virtual size: 161KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 400KB - Virtual size: 398KB

.data
Size: 136KB - Virtual size: 161KB

.rsrc
Size: 20KB - Virtual size: 19KB