98cff829f00f655bcd941dc7b3646fce

Sharing

Copy URL

Twitter E-mail

General

Target

98cff829f00f655bcd941dc7b3646fce
Size

2.2MB
MD5

98cff829f00f655bcd941dc7b3646fce
SHA1

a1c268548b466832598b6253ae9ba44df8f09267
SHA256

123581e693607bc0658ac3ad40794863d5e64dfa576cc12dc59b85c091d7dc71
SHA512

bd691e17f46aa53754d0c8c92887048667cc6301d472c694c483d1b7db96a1e46198f0a863b8990205024091d82b8cd084b1ed56ab0b7c5104c3e25a4f1dcde4
SSDEEP

49152:C/PJEkgvxpjUd2SCm0gphMIf5mngWWVGqX60ix:IJEkgv7UNCzmHogWwA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98cff829f00f655bcd941dc7b3646fce

Files

98cff829f00f655bcd941dc7b3646fce
.exe windows:4 windows x86 arch:x86

6412831c48958a01361795f4ce962310

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadBitmapA
CharLowerA
ExitWindowsEx
GetSystemMetrics
GetWindowLongA
IsWindow
CreateDialogParamW
EnableWindow
BeginPaint
GetFocus
GetMenu
OpenClipboard
DestroyMenu
LoadCursorW
TranslateAcceleratorW
MsgWaitForMultipleObjects
SetCursor
GetDC
DestroyWindow
CharUpperW
LoadCursorA
OffsetRect
GetDlgItem
UpdateWindow
PostQuitMessage
PeekMessageA
LoadBitmapW
LoadStringW
SetActiveWindow
SetWindowTextW
SetWindowsHookExW
GetWindowRect
CallNextHookEx
SetWindowLongW
RegisterClassA
SetDlgItemTextW
CallWindowProcW
GetClientRect
DrawTextA
ReleaseCapture
TranslateMessage
InvalidateRect
GetWindowThreadProcessId
WindowFromPoint
KillTimer
ShowWindow
UnregisterClassW
AppendMenuW
GetWindowLongW
CharNextA
LoadImageW
SendMessageW
SystemParametersInfoA
MoveWindow
GetSysColor
GetMenuItemCount
ClientToScreen
GetNextDlgTabItem
DrawFrameControl
BringWindowToTop
CharToOemA
GetParent
wsprintfA
MessageBoxW
GetSubMenu
IsWindowEnabled
SetWindowPos
EndDialog
GetSysColorBrush
GetMenuState

comctl32

ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_SetImageCount
ImageList_Destroy
ImageList_GetImageCount

advapi32

RegisterEventSourceW
RegCloseKey
RegQueryValueExW
RegOpenKeyExA
RegEnumValueA
RegSetValueExW
CopySid
RegOpenKeyA
OpenProcessToken
RegOpenKeyExW
RegDeleteKeyA
CryptHashData
AllocateAndInitializeSid
RegDeleteValueW

oleaut32

VariantChangeTypeEx
SafeArrayPutElement
SafeArrayCreate
VariantClear
VariantCopyInd

shlwapi

PathStripPathW
StrTrimA
PathRemoveFileSpecW
StrStrA
PathFindExtensionA
PathFileExistsW
PathFindExtensionW
PathCompactPathExW
PathStripToRootW
StrChrA
PathRemoveBackslashW
StrToIntA
UrlUnescapeW

kernel32

LocalAlloc
MapViewOfFile
ReadConsoleW
SetFileAttributesA
Sleep
HeapReAlloc
HeapCreate
FindResourceW
GetCurrentThreadId
UnhandledExceptionFilter
LeaveCriticalSection
SetFilePointer
SetHandleCount
lstrcmpiW
CloseHandle
GetFileSize
SetUnhandledExceptionFilter
AreFileApisANSI
WritePrivateProfileStringW
QueryPerformanceCounter
HeapDestroy
SetStdHandle
GetStdHandle
IsValidLocale
TerminateProcess
GetModuleHandleW
LoadResource
InterlockedExchange
GlobalLock
EnterCriticalSection
SetEvent
GetSystemTimeAsFileTime
ExpandEnvironmentStringsW
WriteFile
HeapAlloc
VirtualAlloc
GetStringTypeA
GetCommandLineA
GetVersionExW
GetFileType
LockResource
LoadLibraryExA
GetLastError
FindFirstFileW
MultiByteToWideChar
SetThreadPriority
LoadLibraryA
WideCharToMultiByte
GetModuleHandleA
TlsAlloc
RtlUnwind
FreeEnvironmentStringsW
ReadFile
GetCurrentDirectoryA
GlobalAlloc
SetLastError
GetProcAddress

msvcrt

_XcptFilter
_exit
wcsncpy
_getche
_makepath
wcscpy
_initterm
__getmainargs
malloc
_vsnwprintf
calloc
_except_handler3
fclose
_adjust_fdiv
swprintf
_wfopen
qsort
free
__set_app_type
_controlfp

gdi32

SetBkMode
RectVisible
SetDCPenColor
CreateFontW
RealizePalette
SetTextColor
DeleteObject
GetBkColor
FrameRgn
GetDIBits
CreateDCW
TextOutW
DeleteDC
SelectObject
CreateFontIndirectA
SetBkColor
GdiFlush
GetDeviceCaps
SetPixel
EndPage
SetWindowExtEx
GetCurrentPositionEx
CreateSolidBrush
CreateCompatibleDC
CreateFontIndirectW
CreateBrushIndirect

Sections

.text
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6412831c48958a01361795f4ce962310

Headers

File Characteristics

Imports

user32

comctl32

advapi32

oleaut32

shlwapi

kernel32

msvcrt

gdi32

Sections

.text Size: 204KB - Virtual size: 202KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 88KB - Virtual size: 87KB

.text
Size: 204KB - Virtual size: 202KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 88KB - Virtual size: 87KB