98cb18264665b082fa972afdcbdb40ad

Sharing

Copy URL Twitter E-mail

General

Target

98cb18264665b082fa972afdcbdb40ad
Size

183KB
MD5

98cb18264665b082fa972afdcbdb40ad
SHA1

b3c4f5235888a7c217d8152e8475e46c54fc04fa
SHA256

493efa5c4de87b748938e817497dd5c5933cd2176b690dd542ad67fde64698bb
SHA512

7cff0ae3719ba4becb2e2ed26aa36b169dfe6d6d49247d66c584557c276cbf909232a93e6fc0f48d5ed15bbdd9a3744c88279064b7029bfc428818b5faa4f5b0
SSDEEP

3072:TR+w/7lpkjimObLJMVopp7W8T6GuPhM8IXCKzDYMkHnpeA7jZ0Q4HoPgChOsSh:Tcg7QjTUCop7Tpu5M8IXLUjZ07mgCg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98cb18264665b082fa972afdcbdb40ad

Files

98cb18264665b082fa972afdcbdb40ad
.exe windows:4 windows x86 arch:x86

619ad588af9891ae09d9bff36a727bcd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleUninitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
CoRetireServer
CLSIDFromProgID
StgOpenStorageOnILockBytes
OleInitialize
OleIsCurrentClipboard
CoRegisterMessageFilter
OleFlushClipboard
CoGetClassObject
CoInitialize
CoCreateInstance
CoRevokeClassObject
StgCreateDocfileOnILockBytes
CoUninitialize
CreateILockBytesOnHGlobal
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathAppendW

kernel32

MultiByteToWideChar
GetModuleFileNameW
GetCalendarInfoW
GetFileAttributesW
GetLocaleInfoW
lstrcpyW
InterlockedDecrement
FindClose
GetCurrentProcessId
FindNextFileW
FindFirstFileW
CreateFileW
LocalFileTimeToFileTime
GetSystemDefaultLangID
WideCharToMultiByte
WriteFile
CreateDirectoryW
ConvertDefaultLocale
EnumResourceNamesA
SystemTimeToFileTime
GetVersion
ExitProcess
ReadFile
LoadLibraryW
DeleteFileW
SetFilePointer
EnumResourceLanguagesW
SetFileTime
RemoveDirectoryW
GetCurrentDirectoryW
MoveFileW
GetProcAddress

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

user32

GetNextDlgGroupItem
CharUpperW
SendDlgItemMessageA
MessageBeep
CreateWindowExW
RegisterWindowMessageW
InvalidateRgn
GetPropW
GetClassLongW
CharNextW
IsRectEmpty
WinHelpW
GetClassInfoExW
InvalidateRect
GetNextDlgTabItem
RemovePropW
SetRect
CopyAcceleratorTableW
SetPropW
DestroyMenu

gdi32

PtVisible
ScaleViewportExtEx
GetTextColor
SelectObject
ScaleWindowExtEx
TextOutW
Escape
SetWindowExtEx
GetDeviceCaps
ExtTextOutW
GetStockObject
OffsetViewportOrgEx
GetBkColor
GetMapMode
SetViewportOrgEx
ExtSelectClipRgn
DeleteDC
RectVisible
GetRgnBox

advapi32

RegQueryValueW
RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegOpenKeyW
RegSetValueExW
RegEnumKeyW
RegQueryValueExW

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

619ad588af9891ae09d9bff36a727bcd

Headers

File Characteristics

Imports

ole32

oleacc

shlwapi

kernel32

shell32

user32

gdi32

advapi32

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 73KB - Virtual size: 72KB

.edata Size: 1024B - Virtual size: 368KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 73KB - Virtual size: 72KB

.edata
Size: 1024B - Virtual size: 368KB