98affc12f0163ee7e688b0e6a5fe8d9f

Sharing

Copy URL Twitter E-mail

General

Target

98affc12f0163ee7e688b0e6a5fe8d9f
Size

241KB
MD5

98affc12f0163ee7e688b0e6a5fe8d9f
SHA1

6fc92291149dedd8b9d07e53cbbfd1a2c8d3dec9
SHA256

016a73a8d69edd912ebc68fbc456faa17b7d58ba4987ced4a19cb4035e13c5c5
SHA512

41c955f691efc82debdaf5e1a5ccfc0b9ac5b8e2c3668f916ecfafa91682860e318af18c188e4f08fdff64eb56908aa688cbeb123ce6384b300054f82f6e99fe
SSDEEP

6144:oDfrALhMRBrMk8t9SUD8TU2gKmy3nSWYa6tXy:2KMjrlXU4hb3nSWh65y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98affc12f0163ee7e688b0e6a5fe8d9f

Files

98affc12f0163ee7e688b0e6a5fe8d9f
.exe windows:4 windows x86 arch:x86

2da3930f67256d8df8da9084ed39bebb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
EnterCriticalSection
LocalAlloc
SizeofResource
WaitForSingleObject
LockResource
FreeLibrary
WaitForMultipleObjects
IsDebuggerPresent
GetCurrentThreadId
GetGeoInfoW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
SystemTimeToTzSpecificLocalTime
DisableThreadLibraryCalls
LocalFree
OpenProcess
CreateFileW
lstrlenW
UnhandledExceptionFilter
SystemTimeToFileTime
GetUserDefaultUILanguage
TzSpecificLocalTimeToSystemTime
LoadLibraryExW
GetSystemTime
FindResourceW
FindResourceExW
LeaveCriticalSection
WideCharToMultiByte
GetLocalTime
CompareFileTime
HeapDestroy
HeapSize
GetUserGeoID
GetNumberFormatW
CreateProcessW
DeleteCriticalSection
HeapReAlloc
ProcessIdToSessionId
LoadResource
GetQueuedCompletionStatus
SetUnhandledExceptionFilter
FileTimeToSystemTime
GetProcessHeap
GlobalFree
RaiseException
CloseHandle
GetFileAttributesExW
PostQueuedCompletionStatus
CreateIoCompletionPort
GetStartupInfoA
VirtualAllocEx

ole32

StringFromCLSID
CoTaskMemFree
CoCreateInstance
IIDFromString

oleaut32

VariantInit
VariantCopyInd
VariantClear
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi

psapi

GetModuleBaseNameW

user32

PostMessageW
GetSystemMetrics
EnumWindows
GetActiveWindow
DestroyIcon
GetWindowThreadProcessId
LoadIconW
GetDesktopWindow
AllowSetForegroundWindow

crypt32

CryptProtectData
CryptUnprotectData
CertFreeCertificateContext
CertNameToStrW

rpcrt4

UuidFromStringW

mscms

CreateColorTransformA
IsColorProfileTagPresent
InternalGetPS2ColorRenderingDictionary
CheckColors
GetPS2ColorRenderingIntent
InternalGetPS2CSAFromLCS
SetColorProfileElementSize
ConvertColorNameToIndex

sti

DllCanUnloadNow
DllUnregisterServer
StiCreateInstance
DllGetClassObject
GetProxyDllInfo
StiCreateInstanceW
DllRegisterServer

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MZwuwI
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KcPaf
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Pn
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 213KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2da3930f67256d8df8da9084ed39bebb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

psapi

user32

crypt32

rpcrt4

mscms

sti

Sections

.text Size: 18KB - Virtual size: 17KB

.MZwuwI Size: 1KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.KcPaf Size: 1KB - Virtual size: 6KB

.Pn Size: 2KB - Virtual size: 4KB

.data Size: 213KB - Virtual size: 285KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 17KB

.MZwuwI
Size: 1KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.KcPaf
Size: 1KB - Virtual size: 6KB

.Pn
Size: 2KB - Virtual size: 4KB

.data
Size: 213KB - Virtual size: 285KB

.rsrc
Size: 4KB - Virtual size: 4KB