98f59b802b9a09c836bf4cf45422c2b9

Sharing

Copy URL

Twitter E-mail

General

Target

98f59b802b9a09c836bf4cf45422c2b9
Size

312KB
MD5

98f59b802b9a09c836bf4cf45422c2b9
SHA1

b714315dac8431e68f51b9af618ad576f3a50109
SHA256

712756bf3a2e9985d81c72b632c2ed86a94868416e73e41374e169fd2b82c85c
SHA512

c45758e75c893391bead727bda111c62b0cf7a2491f0ae4392c799543460ee7fa7ae0ff404bd5bf47c3fb7445be710c067e88e877e349be7f538c06075e70fbd
SSDEEP

6144:GwTu2HIC6Vu7OME2w1f/ujsGiV5gQ1vFaC:LNHMxx1HpGiVX1vFa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98f59b802b9a09c836bf4cf45422c2b9

Files

98f59b802b9a09c836bf4cf45422c2b9
.exe windows:4 windows x86 arch:x86

8dd8085ecb274ae811a5e20944db32de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcmpA
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
RaiseException
SetStdHandle
GetFileType
HeapAlloc
HeapFree
GetACP
GetTimeZoneInformation
HeapSize
GlobalFree
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetFileTime
SetFileAttributesA
GetComputerNameA
CreateFileA
WriteFile
CloseHandle
CopyFileA
Sleep
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
lstrcatA
GetFileTime
GetFileSize
GetFileAttributesA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
GlobalLock
LeaveCriticalSection
GlobalHandle
GlobalUnlock
TlsAlloc
DeleteCriticalSection
GetWindowsDirectoryA
DeleteFileA
InitializeCriticalSection
LocalAlloc
LocalFree
FreeLibrary
lstrcmpiA
FindFirstFileA
GetFullPathNameA
GetVolumeInformationA
UnhandledExceptionFilter
LoadLibraryA
GetVersion
FindClose
lstrcpyA
SetEndOfFile
GetProcAddress
FlushFileBuffers
UnlockFile
LockFile
GetCurrentProcess
SetFilePointer
ReadFile
WideCharToMultiByte
DuplicateHandle
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
SetLastError
lstrcpynA
GetLastError
FreeEnvironmentStringsA
GetLocalTime
FreeEnvironmentStringsW
HeapReAlloc
GetModuleFileNameA

user32

SetFocus
GetFocus
GetSysColor
MapWindowPoints
LoadIconA
ClientToScreen
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
SetWindowTextA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
DestroyMenu
CopyRect
AdjustWindowRectEx
GetClientRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetKeyState
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
LoadStringA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
WaitMessage
PeekMessageA
GetSystemMetrics
CharUpperA
wsprintfA
KillTimer
PostQuitMessage
SetTimer
DefWindowProcA
RegisterClassA
CreateWindowExA
ShowWindow
GetMessageA
DispatchMessageA
TranslateMessage
PostMessageA
FindWindowA
SetWindowPos
SetWindowLongA
GetDlgCtrlID

gdi32

GetClipBox
GetObjectA
DeleteDC
SetBkColor
SaveDC
RestoreDC
GetStockObject
SelectObject
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
ScaleWindowExtEx
SetTextColor

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA

shell32

ShellExecuteA

comctl32

ord17

wsock32

gethostbyname
WSACleanup
recvfrom
closesocket
WSAAsyncSelect
bind
ioctlsocket
htons
socket
WSAStartup
inet_addr
sendto
accept
WSASetLastError
WSAGetLastError
connect
htonl
recv
send
inet_ntoa

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8dd8085ecb274ae811a5e20944db32de

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 22KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 22KB