98f9fcbc91f190773beff97c98cafbb9

Sharing

Copy URL

Twitter E-mail

General

Target

98f9fcbc91f190773beff97c98cafbb9
Size

181KB
MD5

98f9fcbc91f190773beff97c98cafbb9
SHA1

5744bc41bd2091b6552afac9963635e2488e9740
SHA256

2a20fe32f4d574d675b5dc74a3fc909c08bc311ca9ee6aeb47e4446a29cdd303
SHA512

3c0923e62da9213479f3113e891a2ba3b59a7a76ab6851714098444ca3664ab14a2a01363eedc10991d4a387ec84a83c93f75a58b37072a8d8cfe5132456b57d
SSDEEP

3072:d8iJgFApfVJdJZLlevwrvSy+bv1+aF0j+/6NHSQdF1U/TBfZlyQNdN:GydvFlevwGxv0ySNjETBhlyQNdN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98f9fcbc91f190773beff97c98cafbb9

Files

98f9fcbc91f190773beff97c98cafbb9
.exe windows:5 windows x86 arch:x86

2502c2cd480b3ba5403cd1c46d5e9e0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

ferror
rand
strcpy
strlen
strcmp
memset
strstr
sprintf
srand
strchr
strrchr
strcat
memcpy
isalpha
floor
log10
isdigit
strncpy
isalnum
tolower
memcmp
free
malloc
realloc
calloc
toupper
strncat
_atoi64
fwrite
_snprintf
fclose
fopen
_getcwd
system
strtok
ispunct
isprint
fseek
_mkdir
abs
_strnicmp
strncmp
memchr
memmove
fread
atoi
fflush
setvbuf
_errno

ws2_32

WSAGetLastError
__WSAFDIsSet
accept
listen
connect
bind
send
select
recvfrom
getsockopt
getsockname
getpeername
shutdown
gethostbyname
gethostname
ntohs
inet_ntoa
ntohl
WSAStartup
inet_addr
ioctlsocket
socket
setsockopt
sendto
WSASocketA
WSAIoctl
closesocket
htons
recv
htonl

wininet

InternetConnectA
HttpSendRequestA
InternetOpenA
InternetReadFile
InternetQueryDataAvailable
HttpOpenRequestA
InternetCloseHandle
InternetSetOptionA

dnsapi

DnsQuery_A
DnsRecordListFree

kernel32

GetModuleHandleA
GetProcAddress
GetTimeZoneInformation
FileTimeToSystemTime
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
VirtualFree
VirtualAlloc
WritePrivateProfileSectionA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateSemaphoreA
ReleaseSemaphore
GetLogicalDriveStringsA
GetDriveTypeA
lstrcmpA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
TryEnterCriticalSection
ReadFile
DeleteFileA
lstrcmpiA
GetSystemTime
GetLocalTime
WaitForMultipleObjects
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
lstrlenA
GetComputerNameA
GetVersionExA
GetModuleFileNameA
GetWindowsDirectoryA
CopyFileA
CreateProcessA
ExitProcess
SetCurrentDirectoryA
GetLastError
OpenEventA
GetFullPathNameA
GetFileAttributesA
CreateFileA
WriteFile
OpenEventW
WinExec
GetCurrentDirectoryA
lstrcpynA
InterlockedExchange
InterlockedExchangeAdd
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedCompareExchange
GetTickCount
Sleep
SetThreadPriority
ResumeThread
CreateThread
WaitForSingleObject
lstrcpyA
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
CreateEventA
GetDiskFreeSpaceExA
GetSystemTimeAsFileTime
SystemTimeToFileTime

user32

CharLowerA
CharLowerBuffA
GetLastInputInfo
wvsprintfA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2502c2cd480b3ba5403cd1c46d5e9e0c

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ws2_32

wininet

dnsapi

kernel32

user32

advapi32

Sections

.text Size: 143KB - Virtual size: 142KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 143KB - Virtual size: 142KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 5KB - Virtual size: 5KB