8996a90cce3aa129f4edc5d7d1e1fdb1

Sharing

Copy URL Twitter E-mail

General

Target

8996a90cce3aa129f4edc5d7d1e1fdb1
Size

182KB
MD5

8996a90cce3aa129f4edc5d7d1e1fdb1
SHA1

7f919c54c7ef5eaf875904819920d85918e7d246
SHA256

c1bc6217852cdb7b79af7d4a000e5a40097081c04a32ec4b723d0695b69df0b0
SHA512

09fc3f639ddc386b60055c30a57f237bbfc01dcd62ebce4b5d0aa20b7b6648e1c27d2c3a886871dfd68ea59eacef1c1d90c3b0ca669790122b72e7d9c3e22d97
SSDEEP

3072:tdcU266/krKAFykoWCL4VVbCj2YXJskma1kmiW4jG0jMifyU:tdcU26CZK5CL3PX+ak1W4jG0YE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8996a90cce3aa129f4edc5d7d1e1fdb1

Files

8996a90cce3aa129f4edc5d7d1e1fdb1
.exe windows:4 windows x86 arch:x86

4b229f5898a76fd8efc7cdfcb680afdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
GetLengthSid
RegEnumKeyA

msvcrt

memmove
log
memcpy
malloc

user32

GetDC
GetForegroundWindow
FindWindowA
SetWindowPos
GetMenuState
BeginDeferWindowPos
GetParent
ShowScrollBar
EnumChildWindows
EnableWindow
GetMessagePos
GetActiveWindow
CharToOemA
GetWindow
DrawFrameControl
GetClassLongA
CallWindowProcA
EnableScrollBar
GetClipboardData
CallNextHookEx
GetDCEx
CreatePopupMenu
GetCapture
GetIconInfo
GetCursor
SetCursor
GetPropA
GetLastActivePopup
GetWindowTextA
EqualRect
EndDeferWindowPos
GetSubMenu
EnableMenuItem
GetSysColorBrush
DrawEdge
HideCaret
GetScrollRange
SetWindowTextA
GetSysColor
GetScrollInfo
DrawIcon
EnumThreadWindows
FillRect
CreateIcon
GetKeyState
DefMDIChildProcA
EnumWindows
MessageBoxA
SystemParametersInfoA
IsChild
IsWindowVisible
GetMenu
RegisterClassA
DefFrameProcA
GetClientRect
GetMenuItemID
CreateWindowExA
DispatchMessageA
GetScrollPos
BeginPaint
GetMenuStringA
EndPaint
GetDlgItem
GetMenuItemInfoA
CreateMenu

kernel32

GetFileAttributesA
FreeLibrary
SetEvent
GetProcessHeap
GetStringTypeA
GetCPInfo
SetErrorMode
lstrcpyA
GetCommandLineA
SetLastError
SetEndOfFile
DeleteFileA
SetThreadLocale
GetCurrentProcess
EnumCalendarInfoA
GetCurrentThreadId
MulDiv
FindResourceA
HeapFree
LocalAlloc
GetACP
LoadLibraryA
lstrlenA
lstrcpynA
FormatMessageA
GetSystemDefaultLangID
ResetEvent
LocalReAlloc
GetFileType
GetCurrentThread
GetLastError
GetModuleHandleA
VirtualAllocEx
FindClose
WideCharToMultiByte
WaitForSingleObject
GetStartupInfoA
GetVersion
DeleteCriticalSection
MoveFileA
GetStdHandle
FindFirstFileA
GlobalAlloc
GlobalFindAtomA
CreateThread
SetHandleCount
RaiseException
ExitProcess
lstrcmpA
GetLocaleInfoA
VirtualFree
VirtualAlloc
CreateFileA
VirtualQuery
GlobalAddAtomA
LoadLibraryExA
GetModuleFileNameA
GetUserDefaultLCID
MoveFileExA
GetStringTypeW
GetLocalTime
LockResource
CloseHandle
Sleep
LocalFree
GetOEMCP
ExitThread
SetFilePointer
GetVersionExA
HeapAlloc

Sections

CODE
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 4KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b229f5898a76fd8efc7cdfcb680afdd

Headers

File Characteristics

Imports

advapi32

msvcrt

user32

kernel32

Sections

CODE Size: 55KB - Virtual size: 54KB

BSS Size: 4KB - Virtual size: 103KB

.tls Size: 122KB - Virtual size: 121KB

CODE
Size: 55KB - Virtual size: 54KB

BSS
Size: 4KB - Virtual size: 103KB

.tls
Size: 122KB - Virtual size: 121KB