98e63944e34bf1028c68fbd8b8d908b5

Sharing

Copy URL Twitter E-mail

General

Target

98e63944e34bf1028c68fbd8b8d908b5
Size

38KB
MD5

98e63944e34bf1028c68fbd8b8d908b5
SHA1

77f2f5e2b0a5d042883e34949599c5298564360f
SHA256

17a1bc41f1c383080060e5d5c95fd921da9f8f16fcd853400811dd950b9d8b1d
SHA512

31e29092dd8bbe31bbd7238db174e1bb768d8c5dd39cb96280f87c7005d057f5dd8bf551edefc559668543b0dca4cc5788b0b3072c3425c8302e625418ad6d18
SSDEEP

768:jP9LRkVy0tv/bukkWY4I4Yi7BObG7donMurMa0s8djEpiMv:jPN0dKutYoOfxt0spi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98e63944e34bf1028c68fbd8b8d908b5

Files

98e63944e34bf1028c68fbd8b8d908b5
.exe windows:4 windows x86 arch:x86

4de9462b3e212aaa538fd829b2107069

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExW

gdi32

DeleteObject
GetBkColor
ExtTextOutW
CreateHatchBrush

dmutil

ShowMessage

kernel32

GetCurrentProcess
CloseHandle
GetModuleHandleA
LoadLibraryW
HeapAlloc
GetProcessHeap
GetWindowsDirectoryW
LocalFree
lstrcmpW
lstrcpynW
InterlockedExchange
QueryPerformanceCounter
Sleep
LocalAlloc
VirtualAlloc
GetCurrentThreadId
GlobalAlloc
DeleteCriticalSection
OutputDebugStringA
GetProcAddress
SetLastError
GetComputerNameW
IsBadReadPtr
lstrcpyW
GlobalLock
SetUnhandledExceptionFilter
CreateEventW
LoadLibraryExW
GlobalUnlock
GetVersion
TerminateProcess
InitializeCriticalSection
UnhandledExceptionFilter
LoadLibraryA
GetFileAttributesW
SetEvent
GetModuleFileNameW
lstrlenW
GetModuleHandleW
GlobalFree
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
ResumeThread
LeaveCriticalSection
FreeLibrary
GetLastError
WaitForSingleObject

user32

PostThreadMessageW
LoadBitmapW
CopyRect
LoadStringW
InvalidateRect
GetParent
UnhookWindowsHookEx
GetDesktopWindow
PostMessageW
EnableWindow
DestroyIcon
GetWindowLongW
RedrawWindow
WinHelpW
SendMessageW
KillTimer
SetWindowLongW
FillRect
GetSysColor
CreatePopupMenu
AppendMenuW
SetWindowsHookExW
SetTimer
DrawFocusRect
CallNextHookEx
RegisterClipboardFormatW
LoadIconW

ntmsapi

EjectDiskFromSADriveW

msvcrt

setlocale
_onexit
exit
free
wcscmp
wcsstr
malloc
_initterm
_beginthread
iswdigit
__dllonexit
wcsncpy
wcslen
_adjust_fdiv
_purecall
_chdir
wcscpy
_beep
__CxxFrameHandler
swprintf
wcstoul

ole32

CreateStreamOnHGlobal
CoSetProxyBlanket
CoUninitialize
CoTaskMemFree
CoInitialize
ReleaseStgMedium
CoCreateInstance
CoTaskMemAlloc

avifil32

AVIFileInfo

activeds

FreeADsMem

Sections

.textbss
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4de9462b3e212aaa538fd829b2107069

Headers

File Characteristics

Imports

shell32

gdi32

dmutil

kernel32

user32

ntmsapi

msvcrt

ole32

avifil32

activeds

Sections

.textbss Size: - Virtual size: 160KB

.idata Size: 3KB - Virtual size: 3KB

.text Size: 512B - Virtual size: 500B

.rsrc Size: 32KB - Virtual size: 36KB

.textbss
Size: - Virtual size: 160KB

.idata
Size: 3KB - Virtual size: 3KB

.text
Size: 512B - Virtual size: 500B

.rsrc
Size: 32KB - Virtual size: 36KB