98eb6410c8c9d46807f7effbadc357be

Sharing

Copy URL Twitter E-mail

General

Target

98eb6410c8c9d46807f7effbadc357be
Size

464KB
MD5

98eb6410c8c9d46807f7effbadc357be
SHA1

842f6a817b34c00a7981c373291e66c524097de6
SHA256

d90d44776df10bf2954cc76462f548a30a89828d5d1a50db35c1ba221124bb19
SHA512

3f36ce5ed5144cb05664b0fe16650d3c8073c6990e05a44216907b174b1a5ed2116e9686070a70869d978aa2373b0aab17d3f7886006cf8ee895a54967e06ba4
SSDEEP

6144:bCiBKlDuvmtbEMmymHN6006Q6wZTfcS0lZPFBqaq3yGU4bsyW/z8CZ:ui8lDu8wGM3Q6QzSnPFcaqAyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98eb6410c8c9d46807f7effbadc357be

Files

98eb6410c8c9d46807f7effbadc357be
.exe windows:4 windows x86 arch:x86

904300a15e5b1a8c3f9931dd8afcdd5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendDlgItemMessageA
RegisterClassA
DdeDisconnectList
GetClipboardFormatNameW
OemToCharBuffW
GetKeyboardLayoutNameA
SetFocus
EndMenu
IsIconic
SetProcessWindowStation
RegisterClassW
RegisterDeviceNotificationW
EmptyClipboard
UnhookWindowsHook
SetClassLongW
PostQuitMessage
RegisterClipboardFormatW
DdeFreeStringHandle
DdeQueryConvInfo
CharNextW
GetClassLongW
DrawTextExA
FrameRect
RegisterClassExA
CharLowerBuffA
DdePostAdvise
SetTimer
AppendMenuA
GetActiveWindow
BroadcastSystemMessageW
DestroyWindow
UnloadKeyboardLayout
ShowWindow
GetMenuStringW
DefFrameProcW
SendMessageA
WindowFromDC
InSendMessage
DdeKeepStringHandle
GetUserObjectInformationA
CharUpperW
DefWindowProcW
InsertMenuItemA
ClipCursor
GetUserObjectInformationW
DestroyMenu
DestroyAcceleratorTable
SetWindowRgn
MessageBoxA
InsertMenuA
DrawCaption
InsertMenuW
CreateWindowExW
CopyRect
DdeImpersonateClient
PeekMessageW
CallNextHookEx
TranslateAccelerator
SetWindowsHookExA
DefMDIChildProcW
EnumThreadWindows

advapi32

RegSetKeySecurity
RegCloseKey
GetUserNameA
CryptEncrypt
RegEnumValueA
LookupAccountNameA
CryptExportKey
CryptGetHashParam
GetUserNameW
LookupSecurityDescriptorPartsW
LookupAccountSidA
CryptSetHashParam
RegOpenKeyExW
RegQueryMultipleValuesA
CryptSetProviderW
RegQueryMultipleValuesW

comctl32

ImageList_SetOverlayImage
DrawStatusTextA
InitCommonControlsEx
ImageList_GetDragImage
CreateStatusWindowA
ImageList_DragEnter
ImageList_SetFlags
ImageList_GetBkColor
CreateMappedBitmap
CreateToolbarEx
_TrackMouseEvent
CreatePropertySheetPageA
ImageList_AddMasked
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_Create
ImageList_GetIcon
ImageList_Write
ImageList_LoadImage

kernel32

WideCharToMultiByte
UnmapViewOfFile
WaitNamedPipeA
LCMapStringA
GlobalHandle
EnumDateFormatsW
GetVersion
GetTempPathA
GetLastError
VirtualProtectEx
CreateDirectoryW
EnterCriticalSection
WaitNamedPipeW
GetModuleFileNameA
GetDriveTypeW
InterlockedDecrement
TlsFree
LoadLibraryA
GetEnvironmentStringsW
GetFullPathNameW
GetStartupInfoW
CloseHandle
FlushFileBuffers
CompareStringW
CreateMutexW
MapViewOfFile
IsDebuggerPresent
GetProcAddress
WritePrivateProfileStringA
SetThreadIdealProcessor
DeleteCriticalSection
GetSystemTimeAsFileTime
GetLocalTime
LockFileEx
SetUnhandledExceptionFilter
SetThreadAffinityMask
GetCalendarInfoA
GetUserDefaultLangID
EnumSystemCodePagesW
CreateMutexA
FindFirstFileExA
SetHandleCount
ReadConsoleInputW
CreateFileA
ContinueDebugEvent
FreeEnvironmentStringsW
GetEnvironmentVariableA
CreateToolhelp32Snapshot
LeaveCriticalSection
WriteProfileStringW
UnhandledExceptionFilter
QueryPerformanceCounter
ReadFile
GetThreadContext
GetCommandLineA
lstrcatA
SetEnvironmentVariableA
VirtualFree
SetLastError
LoadResource
FindAtomA
VirtualAlloc
lstrlen
GetFileAttributesExW
SetStdHandle
GetAtomNameW
GetModuleFileNameW
GetWindowsDirectoryA
FreeEnvironmentStringsA
SetFilePointer
IsBadWritePtr
TlsSetValue
MultiByteToWideChar
TlsGetValue
lstrcpyA
SetLocaleInfoA
GetTimeZoneInformation
OpenMutexA
GetCurrentProcess
GetModuleHandleA
InterlockedIncrement
OpenFileMappingW
GetNumberFormatW
EnumDateFormatsA
GetSystemTime
TlsAlloc
FlushConsoleInputBuffer
GetComputerNameA
GetCurrentProcessId
HeapCreate
HeapReAlloc
GetCPInfo
CreateEventW
GetComputerNameW
GetStringTypeW
CompareStringA
GetCurrentThread
GlobalFindAtomW
GetShortPathNameW
GetTickCount
GetVolumeInformationA
InitializeCriticalSection
GetCommandLineW
VirtualUnlock
GetProfileIntW
LCMapStringW
RtlUnwind
HeapAlloc
WritePrivateProfileSectionA
TerminateProcess
HeapDestroy
GetStartupInfoA
GetPrivateProfileStringW
WriteFile
ExitThread
HeapFree
ExitProcess
SystemTimeToFileTime
FreeLibrary
GetFileType
GetCurrentThreadId
GetStdHandle
SetEvent
SetFileAttributesW
InterlockedExchange
VirtualQuery
GetStringTypeA
GetEnvironmentStrings

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

904300a15e5b1a8c3f9931dd8afcdd5c

Headers

File Characteristics

Imports

user32

advapi32

comctl32

kernel32

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 136KB - Virtual size: 132KB

.data Size: 96KB - Virtual size: 108KB

.rsrc Size: 76KB - Virtual size: 74KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 136KB - Virtual size: 132KB

.data
Size: 96KB - Virtual size: 108KB

.rsrc
Size: 76KB - Virtual size: 74KB