96558569056d9d0dac5e2d0a87814e86

Sharing

Copy URL Twitter E-mail

General

Target

96558569056d9d0dac5e2d0a87814e86
Size

158KB
MD5

96558569056d9d0dac5e2d0a87814e86
SHA1

a84d351090a4213d9fe64b343b69dd1b5fe91d26
SHA256

bdc531d16386b5d7f2d459d6e6c9d1c5569e318a769406189a15dd7d8e00ed2c
SHA512

978afa6f8495fd38b8e7d69e0b890cfe862a6962c233a4d40d525a0a2c54adfdbba0c3bf14f08057f5497ee8d5d6cd38ffe459eab1a87fc2305ed536a42ac94f
SSDEEP

3072:Dr1H+98UyIIDLRrSxZhOspfiVkG1MW5FUWi5Y9FYlc:DrGyjrSxZhZfPkTWYQu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96558569056d9d0dac5e2d0a87814e86

Files

96558569056d9d0dac5e2d0a87814e86
.exe windows:4 windows x86 arch:x86

d5734265c0a3a2f393c6caa5df223ab7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
SetHandleCount
GetCurrentThreadId
LockFile
ResetEvent
MoveFileA
GetConsoleCP
CreateThread
HeapDestroy
CreateFileA
OutputDebugStringA
lstrcpyA
InterlockedExchange
UnmapViewOfFile
GetACP
DeviceIoControl
TlsAlloc
CreateEventA
FreeEnvironmentStringsW
GetStartupInfoA
ExitProcess
CopyFileA
SetStdHandle
SizeofResource
SetEndOfFile
SetThreadPriority
GetFileAttributesW
LoadLibraryW
SetErrorMode
CreateFileW
GetCurrentProcessId
GetCommandLineA
GetProcAddress
GetDiskFreeSpaceA
HeapFree
ReadFile
GlobalLock
FormatMessageA
HeapReAlloc
LoadLibraryA
GetLocaleInfoW
DeleteFileW
InitializeCriticalSection
lstrlenA
GetPrivateProfileStringA
GetModuleHandleW
CloseHandle
GetSystemTimeAsFileTime
InterlockedDecrement
SetFilePointer
VirtualQuery
CompareStringW
UnhandledExceptionFilter
SetLastError
GetLocaleInfoA
GetDriveTypeW
IsDebuggerPresent
VirtualProtect
WaitForSingleObject
GetStringTypeW
GetCurrentDirectoryW
FindFirstFileA
LocalAlloc
GetProcessHeap
SetConsoleCP
HeapAlloc
TlsFree
FreeEnvironmentStringsA
Sleep
GetVersionExA
IsValidLocale
TlsGetValue
GetOEMCP
GetSystemInfo
GetLastError
GetTickCount
QueryPerformanceCounter
WritePrivateProfileStringA
InterlockedCompareExchange
GetModuleHandleA

user32

CallNextHookEx
TrackPopupMenu
SendDlgItemMessageA
DrawFocusRect
PostMessageW
SystemParametersInfoW
GetWindowLongA
RegisterClassA
EndDialog
GetDlgItemTextW
MoveWindow
GetWindowLongW
SetWindowPos
GetClientRect
UnhookWindowsHookEx
InflateRect
PostMessageA
GetNextDlgTabItem
EndPaint
MsgWaitForMultipleObjects
IsIconic
CreateWindowExA
IsWindowVisible
DestroyWindow

gdi32

MoveToEx
CreateCompatibleBitmap
SetROP2
BitBlt
RectVisible
SelectObject
CreateSolidBrush

advapi32

GetTokenInformation
RegOpenKeyExW
RegQueryValueExW

msvcrt

_initterm
_wtol
?terminate@@YAXXZ
memcpy
memmove
_XcptFilter
_adjust_fdiv
_errno
memset
__p__commode

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoA

rpcrt4

RpcStringFreeA

ole32

ReleaseStgMedium
CoTaskMemRealloc
CLSIDFromProgID

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5734265c0a3a2f393c6caa5df223ab7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

version

rpcrt4

ole32

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 124KB - Virtual size: 181KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 124KB - Virtual size: 181KB

.rsrc
Size: 2KB - Virtual size: 2KB