98057c36231c64c4748cf01ad7de5ed6

Sharing

Copy URL Twitter E-mail

General

Target

98057c36231c64c4748cf01ad7de5ed6
Size

341KB
MD5

98057c36231c64c4748cf01ad7de5ed6
SHA1

71f2046d4fdf16f30c8091be0b6435e5c4b74a21
SHA256

6dc8990c0d721a04f2660975b232d8ab2e21c6563a8d218ce9294a4fdf735660
SHA512

978d3c907cac4c6aa5f380e8149e4cc4a4b5b50745f0adf47d489b377f166f151769e13d8f0feaf88773d7598a45bbfabcef5b9c6f209bd488ccec39a83a573f
SSDEEP

6144:P/HYx9zPuOmndPTJowtzIgvH88H+pNziHU:PfQJPudPTf/f+pNW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98057c36231c64c4748cf01ad7de5ed6

Files

98057c36231c64c4748cf01ad7de5ed6
.exe windows:4 windows x86 arch:x86

6530689820fe482e5f300abd05ff6223

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\yatsdt.PDB

Imports

kernel32

GetStringTypeW
CreateMutexA
LCMapStringW
UnhandledExceptionFilter
FindAtomA
InterlockedExchange
SetFileAttributesW
GetTimeZoneInformation
CompareStringW
GetStringTypeA
LoadResource
VirtualAlloc
GetVersionExA
LCMapStringA
SetHandleCount
GetOEMCP
IsBadWritePtr
GetStdHandle
GetSystemDirectoryW
ReadConsoleOutputAttribute
InitializeCriticalSection
HeapReAlloc
SetEnvironmentVariableA
CompareStringA
OpenFileMappingA
QueryPerformanceCounter
TlsAlloc
SetLastError
VirtualQuery
GetConsoleTitleW
GetCommandLineA
EnumCalendarInfoExA
TlsFree
GetCurrentProcess
HeapCreate
FlushFileBuffers
CloseHandle
InterlockedIncrement
HeapFree
TerminateProcess
IsValidCodePage
LeaveCriticalSection
SetLocaleInfoA
GetEnvironmentStringsW
OpenWaitableTimerW
LoadLibraryA
EnterCriticalSection
GetLocaleInfoW
OpenMutexA
FreeEnvironmentStringsA
GetSystemInfo
DeleteCriticalSection
GetFileType
ExitProcess
HeapAlloc
SetFilePointer
GetACP
GetCurrentProcessId
FreeEnvironmentStringsW
RtlUnwind
HeapSize
MultiByteToWideChar
ReadFile
GetModuleHandleA
SetStdHandle
GetEnvironmentStrings
GetStartupInfoA
GetUserDefaultLCID
EnumDateFormatsA
HeapDestroy
GetProcAddress
IsValidLocale
WriteFile
EnumSystemLocalesA
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentThreadId
TlsGetValue
GetCPInfo
SetCurrentDirectoryW
GetCurrentThread
GetLocaleInfoA
VirtualFree
GetDateFormatA
GetTickCount
GetLastError
TlsSetValue
CompareFileTime
GetModuleFileNameA
GetTimeFormatA
MoveFileExW
GetShortPathNameA
VirtualProtect
lstrcmpA

comctl32

ImageList_DrawEx
ImageList_DragEnter
CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindowW
ImageList_EndDrag
ImageList_Add
InitCommonControlsEx
ImageList_Write
ImageList_LoadImageW
ImageList_GetIconSize
ImageList_AddIcon
ImageList_GetFlags
_TrackMouseEvent
ImageList_LoadImage
ImageList_SetFilter
ImageList_DragMove
ImageList_DrawIndirect
DrawInsert
DrawStatusTextW
ImageList_SetOverlayImage
InitMUILanguage

user32

LoadIconW
LookupIconIdFromDirectoryEx
SetWindowWord
CreateMenu
ShowCursor
CreateDialogParamA
MapVirtualKeyW
AnyPopup
GetParent
DrawFrameControl
MapVirtualKeyA
IsCharUpperA
MessageBoxExA
DialogBoxParamA
ClientToScreen
GetMenuCheckMarkDimensions
EnableMenuItem
DlgDirSelectExW
RegisterClassA
InvertRect
GetMenuItemInfoW
CopyImage
RegisterClassExA
SetCursorPos
DdeSetQualityOfService
GetDlgItem
CreateDialogIndirectParamA
SetMenuContextHelpId
SetDlgItemInt

wininet

InternetGetConnectedStateExW
GopherFindFirstFileA
InternetConnectA
SetUrlCacheConfigInfoW
InternetTimeFromSystemTimeA

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6530689820fe482e5f300abd05ff6223

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

wininet

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 89KB - Virtual size: 104KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 89KB - Virtual size: 104KB

.rsrc
Size: 14KB - Virtual size: 13KB