598fd328ca6b6ae9cf5473accb07bdf2

Sharing

Copy URL

Twitter E-mail

General

Target

598fd328ca6b6ae9cf5473accb07bdf2
Size

100KB
MD5

598fd328ca6b6ae9cf5473accb07bdf2
SHA1

0002b1e0af091a797d53d48b14b3d52d7ba9d21f
SHA256

9a158834d1e226ace455248256d70d8183681c4c6dc0fd643a5cc8e50ba89778
SHA512

7ebe9693a0a7b5d1d0340cd66c67df637b2d3d9bf4ab54b322f3ad9933e87e0c0c576af3ce471babda5022b35b8dca1543d2a501ff8cde502ec0f268e0f4ea56
SSDEEP

1536:2kAsypY9vWt24H5vaYRv4Am4ntuQDRlRWzXj:/c4vWBHNaupjtNlRWLj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
598fd328ca6b6ae9cf5473accb07bdf2

Files

598fd328ca6b6ae9cf5473accb07bdf2
.exe windows:4 windows x86 arch:x86

48f9920e30e93dfd0ca948a9fab91508

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA

comdlg32

GetSaveFileNameA

kernel32

FormatMessageA
EnumCalendarInfoA
SetThreadLocale
GetCurrentThread
CloseHandle
GetFileSize
GetThreadLocale
CreateEventA
ResetEvent
GetStringTypeA
FreeResource
GetLastError
GlobalAlloc
GlobalAddAtomA
CompareStringA
Sleep
GetUserDefaultLCID
GetCPInfo
GetTickCount
MoveFileExA
FindResourceA
SetHandleCount
GetLocaleInfoA
lstrcpynA
MoveFileA
HeapFree
GetCurrentThreadId
lstrcatA
GetSystemDefaultLangID
GetOEMCP
LoadLibraryExA
GetCurrentProcessId
HeapAlloc
GetEnvironmentStrings
VirtualQuery
VirtualAllocEx
ExitThread
GetDiskFreeSpaceA
GetModuleHandleA
LoadLibraryA
WriteFile
WaitForSingleObject
GetModuleFileNameA
lstrlenA
GetProcessHeap
VirtualAlloc
SetEndOfFile
GetProcAddress
SetErrorMode
GetStringTypeW

msvcrt

tan
abs
strcmp
memcpy
time

shlwapi

PathGetCharTypeA
SHQueryValueExA
SHQueryInfoKeyA
PathIsContentTypeA
SHDeleteKeyA
SHGetValueA
SHSetValueA
PathFileExistsA
PathIsDirectoryA
SHDeleteValueA

user32

CharLowerBuffA
DrawIconEx
FindWindowA
GetKeyboardType
CreateMenu
GetClassNameA
CloseClipboard
SetPropA
DefMDIChildProcA
InvalidateRect
SendMessageA
GetSubMenu
MapVirtualKeyA
CharToOemA
GetClientRect
CallWindowProcA
IsChild
CreatePopupMenu
IsRectEmpty
ClientToScreen
GetWindow
CreateIcon
GetMenuItemInfoA
GetWindowDC
ActivateKeyboardLayout
GetKeyNameTextA
IsDialogMessageA
FillRect
SetMenu
GetCursor
ReleaseDC
DrawEdge
SetScrollInfo
GetMenu

ole32

CoGetContextToken
CoFreeUnusedLibraries
CreateBindCtx
StgCreateDocfileOnILockBytes
CoCreateGuid
ReleaseStgMedium
OleRun
CLSIDFromString
CoDisconnectObject

gdi32

GetDIBits
CreateBitmap
SaveDC
SelectObject
CreatePenIndirect
GetBitmapBits
SetBkColor
SelectPalette

comctl32

ImageList_Read
ImageList_DrawEx
ImageList_Remove
ImageList_GetBkColor
ImageList_Destroy
ImageList_Draw

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

48f9920e30e93dfd0ca948a9fab91508

Headers

File Characteristics

Imports

version

comdlg32

kernel32

msvcrt

shlwapi

user32

ole32

gdi32

comctl32

Sections

.text Size: 29KB - Virtual size: 29KB

.edata Size: 1024B - Virtual size: 582B

BSS Size: 68KB - Virtual size: 68KB

.text
Size: 29KB - Virtual size: 29KB

.edata
Size: 1024B - Virtual size: 582B

BSS
Size: 68KB - Virtual size: 68KB