979718de20395daea01592a069477af5

Sharing

Copy URL Twitter E-mail

General

Target

979718de20395daea01592a069477af5
Size

492KB
MD5

979718de20395daea01592a069477af5
SHA1

0798d356bc9a8745ee24749bfffa7aecc584c499
SHA256

3940966b3adca74fc1cd3b2d8fa8102c3fffb746df052b93b5be159a151ff20c
SHA512

bdd7dc39c8afdc8dc4de955744be609f6586143e759c42c5355241698c10e99db3658769c26e92dc294a17b37a4e8766f6ef68a4f8e323ac7e60f2a86459de35
SSDEEP

12288:bPM37+i8EguQxfWHhnGbuI/Me/MgzQUaf/x:SiiSuMWhI/BFcPf5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
979718de20395daea01592a069477af5

Files

979718de20395daea01592a069477af5
.exe windows:4 windows x86 arch:x86

9be0b42f599af4e0b12f6923768bf221

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\

Imports

advapi32

CryptAcquireContextA
GetUserNameA
CryptVerifySignatureA
LogonUserA
CryptGenKey

user32

ShowWindow
DestroyWindow
DlgDirSelectComboBoxExW
SendMessageTimeoutW
GetWindowPlacement
BroadcastSystemMessageA
SetDlgItemTextW
DefWindowProcW
ExitWindowsEx
EnumWindows
IsDialogMessageW
OemToCharA
ChangeMenuW
CreateMenu
AppendMenuW
SendNotifyMessageA
RegisterClassA
CascadeChildWindows
MessageBoxA
GetCapture
SetClipboardData
LoadKeyboardLayoutA
FindWindowW
SetMenuItemBitmaps
GetWindowTextLengthA
WINNLSGetIMEHotkey
RedrawWindow
SetWindowPos
GetMenuContextHelpId
CreateWindowExA
SetCursor
LoadCursorFromFileA
DlgDirListA
RegisterClassExA
MonitorFromWindow

comctl32

ImageList_DragMove
ImageList_Copy
ImageList_Create
CreatePropertySheetPage
ImageList_Duplicate
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_Write
CreateStatusWindow
CreateMappedBitmap
DrawStatusTextW
InitCommonControlsEx
ImageList_Draw
CreateUpDownControl
ImageList_Remove

kernel32

UnhandledExceptionFilter
CopyFileExA
DeleteFileA
GetEnvironmentStringsW
GetSystemTimeAsFileTime
lstrcpyW
FindFirstFileW
IsBadReadPtr
WriteConsoleOutputCharacterA
IsValidCodePage
TransactNamedPipe
TlsSetValue
SetThreadIdealProcessor
GetTickCount
GetModuleFileNameA
RtlUnwind
GetFileAttributesExA
lstrcmpiW
SetHandleCount
GetLongPathNameW
DebugBreak
GlobalSize
VirtualQuery
FlushFileBuffers
SetThreadLocale
SetEvent
EnumSystemLocalesA
LoadLibraryA
GetStartupInfoA
CompareStringA
CompareStringW
GetStringTypeW
TlsFree
InterlockedIncrement
WritePrivateProfileStructW
CreateMutexA
SetLastError
SetConsoleCursorPosition
GetSystemInfo
WriteFile
WriteFileEx
FindFirstFileA
GetProcAddress
TerminateProcess
GetCurrentProcess
GetEnvironmentStrings
QueryPerformanceCounter
GetDateFormatA
CloseHandle
FormatMessageA
SetFilePointer
GetLastError
InterlockedDecrement
VirtualFree
LocalHandle
CreateFileMappingA
SetComputerNameA
EnumResourceNamesA
SetVolumeLabelW
GetACP
GetTimeFormatA
IsBadWritePtr
lstrcmpiA
SetConsoleCtrlHandler
GetCompressedFileSizeA
SetStdHandle
AllocConsole
HeapDestroy
ExitProcess
GetCPInfo
GetModuleHandleA
GetStringTypeExA
GetLogicalDriveStringsW
SetFileAttributesW
GetCurrentThreadId
LCMapStringW
LCMapStringA
HeapValidate
IsValidLocale
GetCurrentProcessId
FindNextChangeNotification
SetLocaleInfoW
InitializeCriticalSection
CreateThread
VirtualProtect
GetNamedPipeInfo
HeapFree
MoveFileW
GetTimeZoneInformation
GetOEMCP
GetLocaleInfoW
GetCommandLineA
HeapAlloc
GetThreadTimes
CreateNamedPipeW
EnterCriticalSection
ReadFile
lstrlen
GetCurrencyFormatW
GetUserDefaultLCID
MultiByteToWideChar
GetFileType
OpenMutexA
InterlockedExchange
FreeEnvironmentStringsW
TlsAlloc
FreeEnvironmentStringsA
GetCurrentThread
GlobalFindAtomW
HeapCreate
GetStdHandle
DeleteCriticalSection
OutputDebugStringA
GetAtomNameA
UnlockFileEx
GlobalFindAtomA
FindNextFileW
lstrcpyn
HeapReAlloc
WritePrivateProfileSectionW
LeaveCriticalSection
VirtualAlloc
GetVersionExA
GetStringTypeA
LocalFree
SetCriticalSectionSpinCount
TlsGetValue
SetEnvironmentVariableA
WideCharToMultiByte
GetLocaleInfoA
GetStartupInfoW

gdi32

SetBitmapBits
SetICMProfileW
GetTextCharset
Chord
SelectClipRgn
EnumFontsA
DeleteDC
DPtoLP
GetTextMetricsA
GetDeviceCaps
GetGraphicsMode
RectInRegion
CreatePen
GetObjectW
GdiPlayJournal
ExcludeClipRect
PlgBlt
EnumICMProfilesW
SetPixel
EndDoc
AbortDoc
CreateDCW
CreateRectRgnIndirect
GetEnhMetaFileHeader

wininet

HttpQueryInfoW
DeleteUrlCacheEntry

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9be0b42f599af4e0b12f6923768bf221

Headers

File Characteristics

PDB Paths

Imports

advapi32

user32

comctl32

kernel32

gdi32

wininet

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 137KB - Virtual size: 136KB

.data Size: 96KB - Virtual size: 101KB

.rsrc Size: 94KB - Virtual size: 93KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 137KB - Virtual size: 136KB

.data
Size: 96KB - Virtual size: 101KB

.rsrc
Size: 94KB - Virtual size: 93KB