98f8142de6f0c5e564336b7f7fe6692f

Sharing

Copy URL Twitter E-mail

General

Target

98f8142de6f0c5e564336b7f7fe6692f
Size

291KB
MD5

98f8142de6f0c5e564336b7f7fe6692f
SHA1

811f0814c793feb3f57cebc62c10fb5de8cad036
SHA256

69f8a3e254d0ff076e171036e1d63ff1b49422e289e874aa13a8497059cf3b0b
SHA512

7630b19f24a1824462740787f7fbed7143710329eccd110cc5a52726e5b09bda695a135cba8e4b2921a2d72a0d691af55275d905748ff107c034e659cebf6926
SSDEEP

6144:5PgDaOHuXaf7j7MhiES8INAUXBG7rMg1QbQs:5PgDaOjf7j7MhBSzPXBGVKb7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98f8142de6f0c5e564336b7f7fe6692f

Files

98f8142de6f0c5e564336b7f7fe6692f
.exe windows:5 windows x86 arch:x86

615d90bfe191c30f40f1e403b33ee28e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\NvEhrxBls\lbtinpovo\LanHiWOWd\djSydlqUbYrrj.pdb

Imports

msvcrt

_controlfp
sprintf
__set_app_type
__p__fmode
strrchr
strspn
__p__commode
wcstok
_amsg_exit
isprint
isalpha
vswprintf
islower
_initterm
wcscpy
vsprintf
_acmdln
swscanf
exit
sscanf
_ismbblead
bsearch
towupper
wcsncpy
putc
strncpy
mktime
_XcptFilter
_exit
printf
wcstod
_cexit
__setusermatherr
clock
strtok
srand
putchar
malloc
iswdigit
wcstombs
remove
iswalpha
strcpy
fgetc
__getmainargs

comdlg32

CommDlgExtendedError
GetSaveFileNameA
ChooseFontW
GetSaveFileNameW

gdi32

GetTextFaceW
SetBrushOrgEx
GetTextExtentPoint32A
LPtoDP
CreateHalftonePalette
EnumFontFamiliesW
CreateBitmap
SetTextAlign
OffsetViewportOrgEx
GetTextExtentPointW
FillRgn
LineDDA
GetViewportOrgEx
CreateHatchBrush
GetStockObject
RectVisible
DeleteObject
CreateRectRgnIndirect
SetAbortProc
GetTextExtentPoint32W
GetNearestPaletteIndex
GetDIBColorTable
GetCharWidth32W
EnumFontsW
ScaleViewportExtEx
EndPath
CreateICW
StretchDIBits
SetBitmapDimensionEx
ExtTextOutW
GetTextMetricsW
Polygon
TextOutA
SetBitmapBits
PtInRegion
SetWindowExtEx
CreateDIBSection
CreatePatternBrush
StartDocW
AddFontResourceW
SetViewportExtEx
SelectClipRgn
CreateSolidBrush
GetROP2

comctl32

ImageList_AddMasked
InitCommonControlsEx
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_GetImageCount

user32

RegisterClassW
ReplyMessage
IsCharLowerA
IsCharAlphaNumericW
SetTimer
GetClipCursor
PostQuitMessage
IsChild
DestroyCursor
IsDialogMessageW
EnableWindow
GetWindowTextA
CheckMenuItem
wsprintfA
RegisterClassExA
SetLastErrorEx
GetWindowLongW
OpenInputDesktop
CheckRadioButton
CharPrevW
CascadeWindows
CallWindowProcW
AdjustWindowRect
ReleaseDC
GetTopWindow
GetKeyboardLayoutList
GetClassInfoExA
MapVirtualKeyExW
GetMenuItemInfoW
GetActiveWindow
GetMenuStringW
DefDlgProcW
MonitorFromRect
UnloadKeyboardLayout
PostMessageW
ShowOwnedPopups
PeekMessageA
SetForegroundWindow
DrawStateA
GetWindowDC
LoadMenuA
BeginDeferWindowPos
GetMessagePos
SwitchToThisWindow
GetLastActivePopup
SetPropW
GetClientRect
GetMenuItemRect
CharLowerBuffW
SetWindowLongW
IsCharUpperA
LookupIconIdFromDirectory
LoadAcceleratorsW
SetClassLongW
IsDlgButtonChecked
MapWindowPoints
EnumThreadWindows
CharUpperBuffA
UpdateWindow
wsprintfW
GetNextDlgGroupItem
CloseDesktop
SetSysColors
GetKeyboardLayoutNameW
AttachThreadInput
EnableScrollBar
InternalGetWindowText
GetParent
BeginPaint
ScrollWindow
GetClassNameW
DrawMenuBar
DefWindowProcW
CreateDialogParamW
ShowWindow
CreateCursor
EndDialog
IsRectEmpty
GetMenuStringA
GetClassInfoExW
OffsetRect
OemToCharA
GetMenuState
EnableMenuItem
SetMenuItemBitmaps
DialogBoxIndirectParamA
CopyAcceleratorTableW
InsertMenuW
DefWindowProcA
TileWindows
OemToCharBuffA
GetKeyboardLayout
SetMenuItemInfoW
ChildWindowFromPointEx
IsMenu
CreatePopupMenu
InsertMenuItemW
RegisterHotKey
SendMessageA
SwapMouseButton
CharNextExA
GetWindowPlacement
OpenDesktopW
MonitorFromPoint
LoadIconA
LoadStringW
RemoveMenu
GetSubMenu

kernel32

DeleteFileW
FileTimeToDosDateTime
SetNamedPipeHandleState
FindResourceW
GetACP
ResetEvent
CreateSemaphoreW
CopyFileW
SetErrorMode
GetNumberFormatW
FindClose
LoadLibraryExW
GlobalReAlloc
GetFileTime
CreateDirectoryW
GetAtomNameA
CreateWaitableTimerW
GlobalMemoryStatus
GetTempFileNameW
ConnectNamedPipe
FlushFileBuffers
GetTimeFormatW
lstrcmpA
FindNextFileW
ResumeThread
WaitCommEvent
TlsFree
GlobalGetAtomNameW
GetTimeZoneInformation
GetVersion
SetEvent
CallNamedPipeW
lstrcpyW
TlsGetValue
UnhandledExceptionFilter
TerminateThread
LCMapStringW
VirtualQuery
GetNumberFormatA
GlobalLock
GetTickCount
DeviceIoControl
EnumResourceNamesA
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindResourceExW
SystemTimeToFileTime
GetVersionExW
GetThreadPriority
SetCurrentDirectoryW

Exports

Exports

?IsNotProcessOld@@YGPANPAEJDPAH@Z
?AddStateExA@@YGPAXPANPAH@Z
?DeleteListItemA@@YGPAGKHPADM@Z
?InsertMessageEx@@YGPANJDPAJ@Z
?InvalidatePointer@@YGHPAF@Z
?GetWidthW@@YGDHHIM@Z
?InvalidateComponentW@@YGEPAEJD@Z
?LoadConfigOriginal@@YGXMPAIJF@Z
?ModifyFolderPathExA@@YGPAGMMPAGK@Z
?GlobalWidthW@@YGPAGPAEHPAGE@Z
?IncrementMemoryOriginal@@YGPAEPAGMNI@Z
?CrtDataExW@@YGPAKIPAE@Z
?EnumCharOriginal@@YGDEEH@Z
?SetAppNameOriginal@@YGGHGK@Z
?HeightA@@YGGH@Z
?IsNotWidthNew@@YGPAXPAKFPAF@Z
?PutCharOld@@YGPAEIE@Z
?GlobalHeaderNew@@YGXPAKINE@Z
?CopyFolderPathOld@@YGEPAHJFM@Z
?ShowStateEx@@YGXPAFHM@Z
?EnumAppNameOriginal@@YGGPAGM@Z
?IncrementNameW@@YGPAXH@Z
?GlobalDateOriginal@@YGJMPA_NF@Z
?CopyProfileOriginal@@YGX_NJPAGPAH@Z
?IsValidStateEx@@YGJIF@Z
?ShowVersion@@YGHK@Z
?EnumDateOld@@YGXPAN@Z
?OnDataEx@@YGJPAMH@Z
?InsertMediaTypeOld@@YGXEGPAMF@Z
?FreeWindowInfoEx@@YG_NPA_NMPAJD@Z
?ValidateFunctionW@@YGXDPAHPAD@Z
?ValidateTaskW@@YGHEK@Z
?ValidateSystem@@YGDPAKPAK@Z

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dt_i
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dt_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

615d90bfe191c30f40f1e403b33ee28e

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comdlg32

gdi32

comctl32

user32

kernel32

Exports

Exports

Sections

.text Size: 61KB - Virtual size: 61KB

.dt_i Size: 6KB - Virtual size: 6KB

.dt_e Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 76KB - Virtual size: 76KB

.rsrc Size: 128KB - Virtual size: 128KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 61KB - Virtual size: 61KB

.dt_i
Size: 6KB - Virtual size: 6KB

.dt_e
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 128KB - Virtual size: 128KB

.reloc
Size: 2KB - Virtual size: 1KB