95c04992bf14769fbd1b7b0ada9b9e87

Sharing

Copy URL

Twitter E-mail

General

Target

95c04992bf14769fbd1b7b0ada9b9e87
Size

54KB
MD5

95c04992bf14769fbd1b7b0ada9b9e87
SHA1

e4453a0ffd12e63d8b9c27dcbbda07569407f86e
SHA256

0691fb6c43432dcf56ecaab8a5bfc40890fcc43dffada38e6719d09ae9b94a8b
SHA512

dddfecca5a62aa91aeb0ac749ce42cd70491786c35fd691af61ea4ad3e9a077f3184080c7b58ca23b98cd984d777b0c75ac8fbb14e281882192e71cf74823b6c
SSDEEP

1536:CCRGM1XhxZYqxvew8l/7Eqi7pT2nrQMi:CsGM5egqJIZpT2nsJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95c04992bf14769fbd1b7b0ada9b9e87

Files

95c04992bf14769fbd1b7b0ada9b9e87
.exe windows:4 windows x86 arch:x86

0883127da153cf5b80d6877eec40fac7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GetPriorityClass
FileTimeToLocalFileTime
GetTickCount
GetModuleHandleA
GetFileAttributesA
SetErrorMode
SetStdHandle
HeapFree
lstrlenA
TlsGetValue
SetConsoleCtrlHandler
LoadLibraryA
RtlUnwind
ReadProcessMemory
CreateThread
EnumSystemLocalesA
GlobalMemoryStatus
FreeEnvironmentStringsA
GetDriveTypeA
lstrcpyA
GetLastError
SetUnhandledExceptionFilter
GetSystemDirectoryA
GetSystemInfo
lstrcatA
InitializeCriticalSection
GetCurrentThread
SetEvent

msvcrt

time
__getmainargs
wcscat
memmove
__setusermatherr
atoi
_ltoa
fgets
strcspn
_vsnwprintf
wcsncmp
__p__fmode
_strtime
__dllonexit
srand
_wfopen
_exit
_beginthreadex

gdi32

SetBkMode
Ellipse
GetTextMetricsA
CreateDIBSection
GetBkColor
GetObjectA
SetBkColor
StartPage
SaveDC
BitBlt
CreateCompatibleDC
CreateFontIndirectA
Polyline
EndPage
LineTo
RectInRegion

ole32

OleRegGetMiscStatus
CoRegisterClassObject
OleCreateDefaultHandler
OleCreateLinkEx
CoGetStdMarshalEx
OleUninitialize
OleCreateFromData
OleNoteObjectVisible
CoGetClassObject
CoRegisterSurrogate
CoGetTreatAsClass
CoLockObjectExternal
CoDosDateTimeToFileTime
OleFlushClipboard
OleMetafilePictFromIconAndLabel
OleSave
CoGetCurrentProcess
CoGetObjectContext

advapi32

LookupAccountSidA
QueryServiceObjectSecurity
CreateProcessAsUserA
LookupPrivilegeValueW
IsValidSecurityDescriptor
CloseServiceHandle
RegCloseKey
StartServiceA
GetLengthSid
RegEnumValueA
GetSidSubAuthority
GetAce
IsValidSid
QueryServiceStatus
SetSecurityInfo
RegDeleteValueA

user32

GetWindowPlacement
KillTimer
DrawFrameControl
GetClassNameA
GetCursorPos
ClientToScreen
ModifyMenuA
IsWindowVisible
DefMDIChildProcA
GetWindowThreadProcessId
ChildWindowFromPoint
EndPaint
ExitWindowsEx
SetDlgItemTextA
InvalidateRect
GetWindowRect
GetMenu

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 883B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0883127da153cf5b80d6877eec40fac7

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

ole32

advapi32

user32

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 1024B - Virtual size: 883B

.data Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 984B

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 1024B - Virtual size: 883B

.data
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 984B