99789d8e71c2a6709c668e72fb4ee1a0

Sharing

Copy URL Twitter E-mail

General

Target

99789d8e71c2a6709c668e72fb4ee1a0
Size

76KB
MD5

99789d8e71c2a6709c668e72fb4ee1a0
SHA1

1bcd3c9c4715ed8ed6ae8986f46cf6497feab72f
SHA256

16a1b4276d3faf2316dc7a0328f01a43eb7f11b2aa7600f5603236b1e0658eab
SHA512

6903ce2aea032da7f9bcd2ff91f96713b2833bf957ae84986459790e4a21c858b26786324bfb87265df30060d99e999ca251e3ba592197c89a476b741b432163
SSDEEP

1536:1OLcVXZhoU0l6tkFWGTQyRBnzyxJJhb4m/O5Z0:1OLqJhoUQcYpzyrAm/O5Z0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99789d8e71c2a6709c668e72fb4ee1a0

Files

99789d8e71c2a6709c668e72fb4ee1a0
.exe windows:5 windows x86 arch:x86

82a6cde5e90571627d6908dab53a2aaf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

CreateThread
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetModuleHandleA
ReadFile
GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoA
HeapSize
IsValidCodePage
CopyFileA
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetFileAttributesA
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
VirtualAlloc
HeapReAlloc
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessA
CreateFileA
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP

user32

GetMessageA
RegisterClassExA
PostQuitMessage
LoadIconA
SendMessageA
TranslateMessage
MessageBoxA
CreateWindowExA
GetDlgItem
DefWindowProcA
CheckDlgButton
DispatchMessageA
UpdateWindow
EnableWindow
LoadCursorA
GetDlgItemTextA
DialogBoxParamA
SetDlgItemTextA

gdi32

GetStockObject

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82a6cde5e90571627d6908dab53a2aaf

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 12KB - Virtual size: 12KB