99d8bb6ec9e88721f8ebaa62d4ce04f1

General

Target

99d8bb6ec9e88721f8ebaa62d4ce04f1
Size

86KB
MD5

99d8bb6ec9e88721f8ebaa62d4ce04f1
SHA1

20971ff7a6ab8c06fda9057360ee5ed8d43891ee
SHA256

61ff71afbb66f8524b19db09b46aaf7d8c04b3e6ccf0865d63c98a44b0c6e0a1
SHA512

be75cb57d82619f97c94477e66038da115d194d30c8ddb160d963c97b117c43a84cf982a204857d0eae133e8d3548716c5ca7ca3987d99a23ad1dd5981218664
SSDEEP

1536:kXNz2KLsXY0tIL1Kvykfo88276ru2hWNv58utHa4i4w/Z4Ro7qHsDKEFXvx:kXNz+XvtmKtoNhMNv5NJi4U4ayuX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99d8bb6ec9e88721f8ebaa62d4ce04f1

Files

99d8bb6ec9e88721f8ebaa62d4ce04f1
.exe windows:4 windows x86 arch:x86

a2fb4dce4add0c34de56a3b78eeee62d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynW
GetStringTypeW
SetHandleCount
GetCurrentProcess
GetStdHandle
GetCPInfo
LCMapStringA
CreateFileA
GetACP
TerminateProcess
WriteFile
lstrcatA
GetModuleFileNameA
GetOEMCP
GetCommandLineA
GetFileType
MultiByteToWideChar
GetVersion
SetFilePointer
GetStartupInfoA
GetStringTypeA
lstrcpynA
lstrcpyA

user32

CopyRect
CopyIcon
GetFocus
DrawTextW
GetCursor
DrawTextA
GetWindowTextA
CreateIcon
IsWindow
DrawIconEx
DialogBoxParamW
InsertMenuA
EndDialog
DialogBoxParamA
LoadCursorA
IsMenu
CopyImage
GetDlgItem
GetWindowTextLengthA
LoadMenuA
CloseWindow
GetMenu
DrawIcon
GetDC

comctl32

ImageList_GetIcon
ImageList_GetIconSize
DllGetVersion
ImageList_LoadImageW
DrawStatusTextW
CreateMappedBitmap
DrawStatusText
ImageList_LoadImageA
MenuHelp
CreateStatusWindowW
CreateToolbarEx

advapi32

RegCreateKeyA
RegCreateKeyW
RegDeleteKeyW
RegQueryValueA
RegCreateKeyExW
RegEnumKeyA
RegQueryValueExA
RegSetValueA
RegEnumValueA
RegEnumValueW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 16.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2fb4dce4add0c34de56a3b78eeee62d

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 50KB - Virtual size: 16.7MB

.rsrc Size: 29KB - Virtual size: 32KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 50KB - Virtual size: 16.7MB

.rsrc
Size: 29KB - Virtual size: 32KB