2999365db636f54f0412a98705045e8b

Sharing

Copy URL

Twitter E-mail

General

Target

2999365db636f54f0412a98705045e8b
Size

536KB
MD5

2999365db636f54f0412a98705045e8b
SHA1

f049f044ac0fb17606cd02665ff7fb8b3f7882ca
SHA256

4710a560ecc01eee02b5fcb4215e0ce444087a62586ee783a8d279f8ba0cac9c
SHA512

d61ea0e9627747787c4da012a50fbc348f875c1675494ede5808257ddcb43a1a071498fd857c5c722936b6a28853ad3291cd003765490e2981b5207337875339
SSDEEP

12288:BParVZnS4TUcWQ7VeTnpQw6FwZyKbod4iki3RIu:BSnnS4TUcWHTGFwZmvy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2999365db636f54f0412a98705045e8b

Files

2999365db636f54f0412a98705045e8b
.exe windows:5 windows x86 arch:x86

6f81a745d36d01739d0b84a611f06970

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
ReleaseDC
SetWindowPos
EndPaint
GetDC
GetCursorPos
MsgWaitForMultipleObjects
ShowWindow
TranslateMessage
EnableMenuItem
GetSubMenu
FillRect
KillTimer
DefWindowProcA
GetSystemMetrics
GetWindowRect
PostMessageA
SetWindowLongA
SetWindowTextA
CheckMenuItem
LoadCursorA
SetForegroundWindow
MessageBoxA
SystemParametersInfoA
InvalidateRect
GetClientRect
GetFocus

kernel32

GetOEMCP
RtlUnwind
VirtualFree
GetEnvironmentVariableA
GetCurrentThreadId
GetFileType
SetHandleCount
GetEnvironmentStringsW
VirtualAlloc
CreateProcessW
HeapCreate
SizeofResource
GetModuleHandleW
GetACP
CloseHandle
ReadFile
SetFilePointer
MapViewOfFile
RaiseException
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
Sleep
GlobalUnlock
LCMapStringA
lstrlenA
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
TlsSetValue
CreateEventA
CreateFileW
GetProcAddress
FindFirstFileA
GlobalLock
DeleteFileW
GetStartupInfoW
CreateDirectoryA
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
EnterCriticalSection
HeapFree
InterlockedIncrement
GetVersion
SetEndOfFile
VirtualQuery
WriteConsoleA
SetUnhandledExceptionFilter
TerminateProcess
CreateFileA
CreateThread
GetModuleHandleA
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
GetSystemTime
SetLastError
FormatMessageA
InterlockedDecrement
LoadResource
InitializeCriticalSection
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
GetStringTypeA
GetCPInfo
GetTempPathA
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetConsoleMode
GetCurrentProcess
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetProcessHeap
ExitProcess

gdi32

DeleteObject
GetDeviceCaps
SelectObject

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 500KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f81a745d36d01739d0b84a611f06970

Headers

File Characteristics

Imports

user32

kernel32

gdi32

Sections

.text Size: 24KB - Virtual size: 20KB

.data Size: 500KB - Virtual size: 496KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 20KB

.data
Size: 500KB - Virtual size: 496KB

.rsrc
Size: 8KB - Virtual size: 4KB