98ad07287b1a362e5334c7d5065aa983

Sharing

Copy URL Twitter E-mail

General

Target

98ad07287b1a362e5334c7d5065aa983
Size

580KB
MD5

98ad07287b1a362e5334c7d5065aa983
SHA1

e76b3d0679c95ec0b7dcbe26d45e96a356527ca5
SHA256

bcb2395084882a177b58b5e96937c46110cc2c98394a679ac9d672eba3c270f7
SHA512

744ad84667f88ef138ec1bcde4f770a25c717ecc0810aaaecb9b47f0ec9b996aea911d6adbba3ba2a25456bdf553fe529cb2bf1cd13a025f7398f41c3e9f70e2
SSDEEP

12288:E9W3NgKFMjP20UXV4iRsKjHj/FzLcrA/TDecUU:Et20Ul4iRNjHj2rA/TD+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98ad07287b1a362e5334c7d5065aa983

Files

98ad07287b1a362e5334c7d5065aa983
.exe windows:4 windows x86 arch:x86

6498b903343eae9f6f763a8429cda9e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateHalftonePalette
GetSystemPaletteEntries
PlayMetaFileRecord
GetDeviceCaps
DeleteDC
FillPath
GetSystemPaletteUse
Escape
GetEnhMetaFileBits
SelectClipPath
FrameRgn
CreateDCW
RemoveFontResourceW
SetBkColor
GetTextExtentExPointA
CreateSolidBrush
GetRegionData
CreateDiscardableBitmap
SetPixelFormat
GetObjectW
OffsetWindowOrgEx
ScaleWindowExtEx
SaveDC
ExtFloodFill
CloseMetaFile

comctl32

CreateStatusWindowA
ImageList_DrawEx
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_Write
DrawStatusTextA
ImageList_SetDragCursorImage
CreatePropertySheetPageA
ImageList_AddIcon
CreateToolbar
DrawStatusTextW
ImageList_GetIcon
CreatePropertySheetPageW
ImageList_DragLeave
CreateUpDownControl
ImageList_SetIconSize
DrawStatusText
InitMUILanguage
ImageList_SetFlags
ImageList_SetImageCount

advapi32

RegNotifyChangeKeyValue
GetUserNameA
InitiateSystemShutdownA
CryptEncrypt
AbortSystemShutdownW
RegRestoreKeyA

shell32

SHGetSpecialFolderPathW
SHAppBarMessage
SHGetSettings
RealShellExecuteW

kernel32

QueryPerformanceCounter
HeapSize
IsValidLocale
GetDiskFreeSpaceExW
DeleteCriticalSection
GetSystemInfo
MultiByteToWideChar
GetLocaleInfoW
RtlUnwind
GetStringTypeA
TlsAlloc
InitializeCriticalSection
DebugActiveProcess
GetCommandLineA
EnterCriticalSection
WriteFileEx
EnumSystemLocalesA
GetConsoleScreenBufferInfo
TlsSetValue
HeapCreate
GetTickCount
GetFileType
UnhandledExceptionFilter
SetEnvironmentVariableW
ReadFile
CompareStringW
LeaveCriticalSection
WideCharToMultiByte
TlsFree
TerminateProcess
GetCurrentThreadId
VirtualQuery
GetCurrentProcess
HeapFree
TlsGetValue
SetConsoleTitleW
HeapDestroy
CloseHandle
InterlockedExchange
GetTimeZoneInformation
HeapAlloc
EnumCalendarInfoA
GetLocaleInfoA
GlobalAddAtomW
LCMapStringA
GetCommandLineW
GetLastError
SetFilePointer
LCMapStringW
SetEnvironmentVariableA
EnumCalendarInfoExA
GetEnvironmentStrings
LoadLibraryA
CompareStringA
GetCurrentThread
WriteFile
ExitProcess
FlushFileBuffers
GetStringTypeW
GetDateFormatA
GetCPInfo
GetACP
CreateMutexA
GetStartupInfoA
IsBadWritePtr
CreateFileMappingW
GetCurrentProcessId
SetStdHandle
GetOEMCP
FreeEnvironmentStringsA
VirtualAlloc
SetHandleCount
GetSystemTimeAsFileTime
GetProcAddress
GetUserDefaultLCID
OpenMutexA
HeapReAlloc
GetTimeFormatA
VirtualFree
FreeEnvironmentStringsW
SetLastError
GetStdHandle
OpenFile
GetEnvironmentStringsW
GetModuleFileNameA
IsValidCodePage
GetModuleHandleA
VirtualProtect
GetVersionExA
CreateToolhelp32Snapshot

wininet

InternetFindNextFileW
CreateUrlCacheEntryW
InternetTimeFromSystemTimeA
DeleteUrlCacheEntry
FtpGetFileA

user32

RegisterClassExA
TranslateAccelerator
RegisterClassA
MessageBoxExW
GetTabbedTextExtentW
UnhookWindowsHookEx
CharLowerA
GetWindowDC
DeleteMenu
OpenClipboard
SetWindowTextA
IsIconic
ShowWindow
MonitorFromPoint
UnhookWinEvent
GetWindowRect
ChangeClipboardChain
SendDlgItemMessageW
ToUnicodeEx
CharToOemBuffA
ToUnicode
EndDialog
WinHelpA
EnableWindow
CreateAcceleratorTableA
CreateAcceleratorTableW

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6498b903343eae9f6f763a8429cda9e8

Headers

File Characteristics

Imports

gdi32

comctl32

advapi32

shell32

kernel32

wininet

user32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 116KB - Virtual size: 130KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 116KB - Virtual size: 130KB

.rsrc
Size: 24KB - Virtual size: 20KB