99d6615a85e18d582d9427641f8cbb10

Sharing

Copy URL Twitter E-mail

General

Target

99d6615a85e18d582d9427641f8cbb10
Size

588KB
MD5

99d6615a85e18d582d9427641f8cbb10
SHA1

3ae5ee59b5e7d3cd89cbaba4780843b9a28bb848
SHA256

26a2de59dcbf5d5eea9693a9350d0784a17892884646eeffb86870a6c44839de
SHA512

c508743d45deb4b17d60417fda50513fb4d53266c3c0ae892538674f1b372fd277caa9f099157ff257fabf2f5f0e05fddd72e2b1bdec79eb8a92830a15d6c97b
SSDEEP

12288:hYBPG5pzqdg8gp2ptQA18XT7rkNubd+PRH/mQwi:ChG5lwuEtQACeubdchxd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99d6615a85e18d582d9427641f8cbb10

Files

99d6615a85e18d582d9427641f8cbb10
.exe windows:4 windows x86 arch:x86

ef57920d6c1a1b8612566cb6aa1c6bae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\now\deczevjv.pdb

Imports

gdi32

Rectangle
GetLogColorSpaceA
SetTextAlign
GetBkColor
CreateScalableFontResourceW
GetFontData
CreateDCA
DeleteObject
EnumFontFamiliesW
GetObjectA
UpdateICMRegKeyW
GetTextMetricsW
SetAbortProc
RectInRegion
GetRegionData
GetCharABCWidthsFloatA
PlayEnhMetaFileRecord
GetBoundsRect
GetDeviceCaps
DeleteDC

kernel32

GetConsoleMode
WideCharToMultiByte
SetFilePointer
GetCalendarInfoW
CreateDirectoryA
GetNamedPipeInfo
FreeEnvironmentStringsW
GlobalAlloc
SetConsoleTextAttribute
GetPriorityClass
GetStringTypeA
GetEnvironmentStringsW
HeapCreate
GetFullPathNameA
WriteConsoleW
IsDebuggerPresent
GetFileType
SetThreadPriority
EnumDateFormatsExA
GetThreadLocale
UnhandledExceptionFilter
SetHandleCount
GetProcAddress
CloseHandle
CreateMutexA
ContinueDebugEvent
HeapDestroy
HeapFree
GetDateFormatA
CreateDirectoryExW
GetStartupInfoA
GetThreadPriority
IsValidLocale
HeapReAlloc
TlsFree
lstrcpynW
GetProfileStringA
SetCriticalSectionSpinCount
ReleaseSemaphore
DeleteFiber
HeapAlloc
QueryPerformanceCounter
ExitProcess
GetPrivateProfileIntA
InterlockedDecrement
TlsAlloc
ReadConsoleOutputAttribute
SetUnhandledExceptionFilter
FillConsoleOutputAttribute
GetModuleHandleA
GetComputerNameA
GetStringTypeW
GetStdHandle
GetExitCodeProcess
TlsGetValue
GetLastError
ReadConsoleInputA
TerminateProcess
CreateMutexW
WriteConsoleOutputW
ReadConsoleW
TlsSetValue
ReadFileEx
GetModuleHandleW
OpenSemaphoreA
GetLocaleInfoA
RemoveDirectoryA
GetEnvironmentStrings
SetEnvironmentVariableA
VirtualFree
GetUserDefaultLangID
LockResource
GetTickCount
GetCurrentThreadId
GetLocaleInfoW
EnumSystemLocalesA
WriteProfileStringA
CreateFileA
GetModuleFileNameA
GetCurrentThread
OpenMutexA
GetSystemDirectoryA
FreeLibrary
FlushFileBuffers
GetTimeZoneInformation
ReadConsoleOutputCharacterA
GetCommandLineA
FreeEnvironmentStringsA
InterlockedIncrement
WriteConsoleA
GetLogicalDriveStringsW
SetLastError
FindNextFileA
LeaveCriticalSection
InitializeCriticalSection
EnumResourceLanguagesA
GetOEMCP
WritePrivateProfileStringA
CompareStringW
EnterCriticalSection
lstrlenW
VirtualQuery
GetUserDefaultLCID
GetThreadPriorityBoost
LCMapStringA
GetShortPathNameA
WriteConsoleOutputCharacterA
GetThreadContext
SetStdHandle
EnumCalendarInfoW
LocalAlloc
SetFileAttributesA
GetACP
VirtualAlloc
LCMapStringW
RtlUnwind
GetConsoleCP
GetSystemTimeAsFileTime
WaitForMultipleObjects
GetWindowsDirectoryA
WriteConsoleOutputA
GetTimeFormatA
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetConsoleOutputCP
FileTimeToSystemTime
WriteFile
Sleep
DeleteCriticalSection
LoadLibraryA
InterlockedExchange
GetCurrentProcessId
CompareStringA
GetCurrentProcess
GlobalReAlloc
GetLocalTime
MultiByteToWideChar
GetLongPathNameW
GlobalUnlock
GetCPInfo
GetDiskFreeSpaceA
SetConsoleCtrlHandler
IsValidCodePage
HeapSize
SetSystemTime
ResumeThread
ResetEvent
WritePrivateProfileStructA
GetFileTime
ReadFile

user32

CreateDialogIndirectParamW
OpenDesktopA
DefWindowProcA
GetSysColorBrush
CallWindowProcA
FindWindowW
GetActiveWindow
ShowWindow
PostThreadMessageW
DdeSetUserHandle
DialogBoxParamW
IsWindow
OpenInputDesktop
IsDialogMessageW
CharPrevW
EndDialog
SendInput
SetMenuDefaultItem
SendIMEMessageExA
TranslateMessage
SystemParametersInfoW
OpenWindowStationW
ToAsciiEx
ValidateRgn
GetLastActivePopup
DefMDIChildProcA
ReleaseDC
DestroyWindow
MsgWaitForMultipleObjects
GetClassInfoW
RegisterClassExA
RemovePropW
SetThreadDesktop
ChangeMenuA
EmptyClipboard
MessageBoxA
GetDlgItemInt
GetClassInfoA
RegisterClassA
IsCharAlphaA
TrackPopupMenu
EnumWindows
GrayStringA
CheckRadioButton
UnregisterHotKey
CreateWindowExA
IsWindowVisible
LookupIconIdFromDirectoryEx
LoadCursorFromFileA

comctl32

ImageList_Duplicate
ImageList_Add
InitCommonControlsEx
_TrackMouseEvent
ImageList_AddMasked
ImageList_EndDrag
ImageList_GetImageInfo
CreateToolbarEx
ImageList_SetImageCount
ImageList_DragLeave
ImageList_SetOverlayImage
InitMUILanguage
CreateUpDownControl
ImageList_SetDragCursorImage
ImageList_Draw
ImageList_GetImageCount
CreatePropertySheetPage
ImageList_SetFilter
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_Replace
ImageList_Create
ImageList_LoadImageA
CreateStatusWindowA

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef57920d6c1a1b8612566cb6aa1c6bae

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

comctl32

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 264KB - Virtual size: 262KB

.data Size: 112KB - Virtual size: 123KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 264KB - Virtual size: 262KB

.data
Size: 112KB - Virtual size: 123KB

.rsrc
Size: 12KB - Virtual size: 11KB