98668caef6c5c3fc85080a48886bdc08

Sharing

Copy URL

Twitter E-mail

General

Target

98668caef6c5c3fc85080a48886bdc08
Size

254KB
MD5

98668caef6c5c3fc85080a48886bdc08
SHA1

ace89f02c12ccf307c439dfcf24326e1dc270bfa
SHA256

cc0e48b92287d399c240b84af612ab28cad679f36721715705b0710fb9745bbd
SHA512

db13fa14982c2993247285f147fd7053683ebc130215cc99222936a9d6eb99e728b56d449a0b7ef6867c7fc037fad9acd48717ae49cc52162ec09514a1686a2a
SSDEEP

6144:0n5Ug0vat/VbiTICAqQFgit8VYCBIGDOUyGX6i3V4:05B0ClslDiyTBIGCUyGvm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98668caef6c5c3fc85080a48886bdc08

Files

98668caef6c5c3fc85080a48886bdc08
.exe windows:5 windows x86 arch:x86

cbb71fcab3dec570b56b61786c0d44b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetModuleFileNameA
GetFileAttributesA
WritePrivateProfileSectionA
DeleteFileA
ReadFile
SetFileAttributesA
FormatMessageA
GetLastError
CopyFileA
GetPrivateProfileSectionA
CreateDirectoryA
GetSystemInfo
GetShortPathNameA
WriteFile
GetExitCodeProcess
CreateProcessA
_llseek
_lwrite
_lread
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileInformationByHandle
GetTickCount
_lclose
GlobalUnlock
GlobalLock
SetLastError
GlobalFree
MoveFileA
GetTempPathA
GetTempFileNameA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceExA
EnumResourceLanguagesA
EnumResourceNamesA
FreeLibrary
EnumResourceTypesA
LoadLibraryExA
GlobalAlloc
GetCurrentDirectoryA
GetSystemTime
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
GetPrivateProfileIntA
HeapFree
lstrcpynA
ExitProcess
GetProcAddress
GetModuleHandleA
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
LoadLibraryA
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
SetStdHandle
FlushFileBuffers
GetFullPathNameA
lstrcmpiA
LocalAlloc
lstrcatA
lstrlenA
lstrcpyA
IsDBCSLeadByte
FindFirstFileA
FindClose
GetPrivateProfileStringA
lstrcmpA
HeapAlloc
WritePrivateProfileStringA
CreateFileA
CloseHandle
GetCommandLineA
LocalFree

gdi32

GetStockObject
DeleteObject
GetDeviceCaps
GetObjectA
CreateFontIndirectA

user32

LoadStringA
SendMessageA
ReleaseDC
GetDC
CharNextA
SendDlgItemMessageA
GetSystemMetrics
MessageBoxA
MessageBeep
wsprintfA
SetFocus
PostMessageA
SetDlgItemTextA
GetDlgItemTextA
IsDlgButtonChecked
CheckDlgButton
ShowWindow
GetWindowRect
CheckRadioButton
MsgWaitForMultipleObjects
DispatchMessageA
PeekMessageA
GetParent
SetWindowLongA
GetWindowLongA
CallWindowProcA
EnableWindow
GetDlgItem
CharPrevA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9e3c
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1o2p
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.16as
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aeas
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.k1kl
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ps1i
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t3ta
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ksi1
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.12i1
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.123f
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eaa
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ze
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.1teaX
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.134
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.724
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.182
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.381
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.832
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ii32
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i832
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i833
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i803
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i804
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbb71fcab3dec570b56b61786c0d44b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

comdlg32

version

advapi32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 2KB

.9e3c Size: 201KB - Virtual size: 201KB

.1o2p Size: 201KB - Virtual size: 201KB

.16as Size: 512B - Virtual size: 216B

.aeas Size: 512B - Virtual size: 216B

.k1kl Size: 512B - Virtual size: 216B

.ps1i Size: 512B - Virtual size: 216B

.t3ta Size: 512B - Virtual size: 216B

.ksi1 Size: 512B - Virtual size: 216B

.12i1 Size: 512B - Virtual size: 216B

.123f Size: 512B - Virtual size: 216B

.eaa Size: 512B - Virtual size: 216B

.ze Size: 512B - Virtual size: 216B

.1teaX Size: 512B - Virtual size: 216B

.134 Size: 512B - Virtual size: 216B

.724 Size: 512B - Virtual size: 216B

.182 Size: 512B - Virtual size: 216B

.381 Size: 512B - Virtual size: 216B

.832 Size: 512B - Virtual size: 216B

.ii32 Size: 512B - Virtual size: 216B

.i832 Size: 512B - Virtual size: 216B

.i833 Size: 512B - Virtual size: 222B

.i803 Size: 512B - Virtual size: 222B

.i804 Size: 512B - Virtual size: 222B

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 512B - Virtual size: 312B

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 2KB

.9e3c
Size: 201KB - Virtual size: 201KB

.1o2p
Size: 201KB - Virtual size: 201KB

.16as
Size: 512B - Virtual size: 216B

.aeas
Size: 512B - Virtual size: 216B

.k1kl
Size: 512B - Virtual size: 216B

.ps1i
Size: 512B - Virtual size: 216B

.t3ta
Size: 512B - Virtual size: 216B

.ksi1
Size: 512B - Virtual size: 216B

.12i1
Size: 512B - Virtual size: 216B

.123f
Size: 512B - Virtual size: 216B

.eaa
Size: 512B - Virtual size: 216B

.ze
Size: 512B - Virtual size: 216B

.1teaX
Size: 512B - Virtual size: 216B

.134
Size: 512B - Virtual size: 216B

.724
Size: 512B - Virtual size: 216B

.182
Size: 512B - Virtual size: 216B

.381
Size: 512B - Virtual size: 216B

.832
Size: 512B - Virtual size: 216B

.ii32
Size: 512B - Virtual size: 216B

.i832
Size: 512B - Virtual size: 216B

.i833
Size: 512B - Virtual size: 222B

.i803
Size: 512B - Virtual size: 222B

.i804
Size: 512B - Virtual size: 222B

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 512B - Virtual size: 312B