199c0477073dbb3c7fbabbadaae6eb81

General

Target

199c0477073dbb3c7fbabbadaae6eb81
Size

53KB
MD5

199c0477073dbb3c7fbabbadaae6eb81
SHA1

c7864961e58c558cd5baae0816fb7fec5af2195d
SHA256

20f00de08ce9b4d0c2f1f8d80ba8bc31d96d7dd0b47b11f269e28052be74a92c
SHA512

6ff24e3ac50cce923f3729e8ee37fd6ea06538bb69614ee31bbb7f64e3f0d7aa67fa79b8d4ee213a06c4551b7675a263005ff3cf8b3e5bf5d1e7103d1cbab556
SSDEEP

768:EekigtWhXQPnp/RnrAL/Fejbpcb7GGkJI3fks893LagKKfUaEQWIlsKH6XZZ2tiR:EekigtWhXQR/S+o/cD93LamfrEmLHq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
199c0477073dbb3c7fbabbadaae6eb81

Files

199c0477073dbb3c7fbabbadaae6eb81
.exe windows:5 windows x86 arch:x86

1023dd5b849ec8ec1db87cf45a282120

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharLowerBuffA
LoadCursorW
PeekMessageA
GetMessageA
GetClassNameW
GetClipboardData
CloseWindowStation
PeekMessageW
OpenDesktopA
GetDlgItemTextW
DispatchMessageW
EndDialog
GetWindowThreadProcessId
ToUnicode
MsgWaitForMultipleObjects
CloseDesktop
SendMessageW
GetMessageW
GetForegroundWindow
GetCursorPos
GetDlgItem
ExitWindowsEx
GetWindowLongW
GetKeyState
FindWindowExW
OpenWindowStationA
GetWindowTextW
GetDlgItemTextA
GetIconInfo
SetProcessWindowStation
DrawIcon
GetKeyboardState
SetThreadDesktop

kernel32

GetLocalTime
GetTickCount
GetDriveTypeW
SetThreadPriority
GetCommandLineA
lstrcpyW
ExpandEnvironmentStringsW
GetUserDefaultUILanguage
FlushFileBuffers
GetModuleFileNameW
CreateThread
SystemTimeToFileTime
CreateFileW
GlobalLock
lstrcatA
FindFirstFileW
lstrcmpiA
CreateEventW
FindClose
ReleaseMutex
GetProcessHeap
DeleteFileW
GetVersionExW
GetCurrentProcessId
SetFileAttributesW
MapViewOfFile
GetLogicalDrives

Sections

.pirwp
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdinip
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lazun
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lun
Size: 25KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1023dd5b849ec8ec1db87cf45a282120

Headers

File Characteristics

Imports

user32

kernel32

Sections

.pirwp Size: 18KB - Virtual size: 39KB

.gdinip Size: 5KB - Virtual size: 10KB

.lazun Size: 1024B - Virtual size: 1KB

.lun Size: 25KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.pirwp
Size: 18KB - Virtual size: 39KB

.gdinip
Size: 5KB - Virtual size: 10KB

.lazun
Size: 1024B - Virtual size: 1KB

.lun
Size: 25KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB