99a0e06ca2089251d8c50e7d4c40f967

Sharing

Copy URL Twitter E-mail

General

Target

99a0e06ca2089251d8c50e7d4c40f967
Size

140KB
MD5

99a0e06ca2089251d8c50e7d4c40f967
SHA1

92e2518981aec384b25b5be805915bb69be2f96a
SHA256

cc0525647e157ec559eeaf4a384c29dae30d899799d51d1f2e38f643051345a3
SHA512

4871cdb0dfa5605a2c8c191049cf2328631d7f455ac4f625b59522f4bd4990f94e6c089280ce032276e99f43a38693c9ed08a05bd1b49288a5f6cb63af82ba01
SSDEEP

3072:SZBc1Yl2ZhJ0BJ002kmA29mG+n0ssb9EW7l:iBiYlzUjkmFfpsg9EW7l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99a0e06ca2089251d8c50e7d4c40f967

Files

99a0e06ca2089251d8c50e7d4c40f967
.exe windows:4 windows x86 arch:x86

08bc867332bf82bc929d293cc9f1b73a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
DuplicateHandle
GetCurrentProcess
OpenProcess
WriteFile
CreateFileA
WinExec
SetFileTime
GetVersionExA
GetModuleFileNameA
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetLastError
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CloseHandle
GetFileAttributesExA

user32

CreateWindowExA
DefWindowProcA
PostQuitMessage
DispatchMessageA
GetDesktopWindow
TranslateMessage
GetMessageA
RegisterClassExA
ShowWindow

advapi32

StartServiceA
LookupAccountNameA
ConvertSidToStringSidA
CreateServiceA
CloseServiceHandle
DeleteService
OpenServiceA
OpenSCManagerA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
GetUserNameA

shlwapi

SHDeleteKeyA
StrStrA
SHSetValueA

msvcrt

_exit
_stricmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
sprintf
strstr
_access
rand
fclose
fflush
fwrite
fopen
srand
time
??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3
_strlwr
_XcptFilter
exit
_acmdln
__getmainargs

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

dbghelp

ImageNtHeader

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08bc867332bf82bc929d293cc9f1b73a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

version

dbghelp

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 104KB - Virtual size: 102KB

cdata Size: 4KB - Virtual size: 4B

idata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 104KB - Virtual size: 102KB

cdata
Size: 4KB - Virtual size: 4B

idata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB