399eb59cfcfc3ed9ad0588f5b1b2d7f2

Sharing

Copy URL Twitter E-mail

General

Target

399eb59cfcfc3ed9ad0588f5b1b2d7f2
Size

531KB
MD5

399eb59cfcfc3ed9ad0588f5b1b2d7f2
SHA1

21858d8ff55d8eaf2c3cb04c4759d27577fb44e1
SHA256

32c33f273bc2725c45854ae59ef421349d60ae7a957ce0146a1f1a383eb60c9d
SHA512

542ce1cee38462de53d38c87cfaa7000d2a236d6469d8ab76f00b05b69b8eb0e85fe2ce372a38936ed4dbaa2dfac3c47ae1a2f0958927d731c7b0518d36c3dfb
SSDEEP

6144:b3vVxuHVAJWEZkMWUVQ5GAC3dC6fb31XmiZNt4FPE1tIATWKgzkTGnteF4pNN6:b3vVidMf+tCdC6fVmaj1eeF4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
399eb59cfcfc3ed9ad0588f5b1b2d7f2

Files

399eb59cfcfc3ed9ad0588f5b1b2d7f2
.exe windows:4 windows x86 arch:x86

6c557b8a7544c90c31f26ddac3f0ee6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuStringA
EnumPropsA
CharLowerW
DdeClientTransaction
UnhookWindowsHookEx
CharUpperA
EnumDisplaySettingsExA
LoadCursorW
GetClassLongA
RegisterClassA
DefFrameProcA
RegisterClassExA
CloseClipboard
WINNLSEnableIME
GetUserObjectInformationA
SetMenuItemInfoA
SetFocus
SetMenu
GetForegroundWindow
MessageBeep
CharNextExA
WaitMessage

comctl32

InitCommonControlsEx

kernel32

VirtualFree
GetACP
GetSystemTimeAsFileTime
GetVersionExA
VirtualAlloc
FlushFileBuffers
InterlockedExchange
EnumSystemLocalesA
CreateMutexA
GetCommandLineA
GetDateFormatW
InitializeCriticalSection
GetModuleFileNameA
OpenMutexA
GetEnvironmentStrings
GetCurrentThreadId
TlsGetValue
SetHandleCount
TlsAlloc
GetLongPathNameW
ReadFile
UnhandledExceptionFilter
RtlUnwind
GetEnvironmentStringsW
GetCommandLineW
LCMapStringW
MultiByteToWideChar
GetCurrentProcess
GetLastError
GetCurrentThread
EnumDateFormatsA
GetFileType
HeapAlloc
LeaveCriticalSection
HeapSize
GetSystemInfo
GetProcAddress
GetCurrentProcessId
VirtualQuery
SetFilePointer
GetEnvironmentVariableW
LoadLibraryA
MoveFileW
CompareStringW
TerminateProcess
TlsFree
QueryPerformanceCounter
IsValidLocale
GetTimeFormatA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
IsValidCodePage
HeapFree
GetTimeZoneInformation
GetDateFormatA
GetStringTypeA
GetModuleFileNameW
WriteFile
SetStdHandle
GetStringTypeW
SetLastError
LCMapStringA
DeleteCriticalSection
lstrcat
GlobalUnfix
SetEnvironmentVariableA
GetCalendarInfoW
RemoveDirectoryA
GetLocaleInfoW
HeapDestroy
VirtualProtect
CompareStringA
CloseHandle
GetStartupInfoW
GetOEMCP
HeapReAlloc
GetTickCount
GetStartupInfoA
GetUserDefaultLCID
GetStdHandle
HeapCreate
EnterCriticalSection
CreateDirectoryA
GetFileAttributesExW
TlsSetValue
MapViewOfFile
GetComputerNameA
ExitProcess
GetModuleHandleA
IsBadWritePtr
GetLocaleInfoA
WideCharToMultiByte
GetCPInfo

comdlg32

GetOpenFileNameA
GetFileTitleW

gdi32

CreateScalableFontResourceA
GetCharABCWidthsW
CreateDiscardableBitmap

Sections

.text
Size: 350KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c557b8a7544c90c31f26ddac3f0ee6c

Headers

File Characteristics

Imports

user32

comctl32

kernel32

comdlg32

gdi32

Sections

.text Size: 350KB - Virtual size: 349KB

.rdata Size: 62KB - Virtual size: 84KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 350KB - Virtual size: 349KB

.rdata
Size: 62KB - Virtual size: 84KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 12KB - Virtual size: 12KB