9998fdf06c91184c9269fd16ce6a4a8c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9998fdf06c91184c9269fd16ce6a4a8c
Size

65KB
MD5

9998fdf06c91184c9269fd16ce6a4a8c
SHA1

2d94aa824c39cf20973daccdbf069fb6bffcc36a
SHA256

6bc0d0292242de6b00ec7ea6a78b00c8ca764b1f605ed49f864ba2e916ec9262
SHA512

c1236f9db35f6d41a1250d2091fecc4e1b350d60c9de495b02f6a03877acab5e11279ccd4cd8eb3a27f740ddae83b6b3062b2d25e0d9252d9dbd79aba065fa98
SSDEEP

1536:eJwhb5J+htSKGE4D/U8ERZGFOiBIxEvvBBxgY+K:emjKfGrD/hEqFgxYtgY5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9998fdf06c91184c9269fd16ce6a4a8c

Files

9998fdf06c91184c9269fd16ce6a4a8c
.exe windows:4 windows x86 arch:x86

8d306e52246a8ce263c7078c5088cc9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextA
GetDlgItem
GetWindowTextA
GetKeyboardState
SetProcessWindowStation
OpenDesktopA
GetWindowThreadProcessId
GetClassNameA
SendMessageA
MsgWaitForMultipleObjects
ExitWindowsEx
GetIconInfo
SetThreadDesktop
DrawIcon
GetForegroundWindow
OpenWindowStationA
GetClipboardData
CloseWindowStation
GetCursorPos
CloseDesktop

kernel32

LeaveCriticalSection
lstrlenW
SetFileTime
EnterCriticalSection
VirtualProtect
SetFilePointer
GetTickCount
SetEvent
Sleep
GetSystemTimeAsFileTime
FindNextFileW
lstrcmpiA
OpenMutexW
FindClose
GetFileSizeEx
lstrcmpiW
VirtualAlloc
GetFileAttributesW

shlwapi

PathCombineW
SHDeleteKeyA
PathMatchSpecW
StrCmpNIA
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameW
wvnsprintfA
wnsprintfW
wnsprintfA
StrStrW
wvnsprintfW

advapi32

CryptAcquireContextW
RegSetValueExA
CryptDestroyHash
CryptGetHashParam
CryptCreateHash
RegDeleteValueA
RegEnumKeyExA
RegCloseKey

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE