99c137eb35c8b50773037485aa4509bc

Sharing

Copy URL Twitter E-mail

General

Target

99c137eb35c8b50773037485aa4509bc
Size

430KB
MD5

99c137eb35c8b50773037485aa4509bc
SHA1

2d19e1fc2e50e76f229d952c758cb4de162cc6c8
SHA256

7fac9aa53dcebb3927e42240d65750d9c64de882013296f594014c9431a6b9f5
SHA512

73868e310e1913d519d969b75e95163a3e92afd85be92c65ea1429059733a63b4ef2b0f7fd21c57d0d60f870c0667ca820a7a8df49a650d4a6a64e820719b70d
SSDEEP

12288:gkKbR84/tRqeW8xNEIY+7zvVB3CHyLsbR+:JKG4nHEbKvX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99c137eb35c8b50773037485aa4509bc

Files

99c137eb35c8b50773037485aa4509bc
.exe windows:4 windows x86 arch:x86

8e0ac65f514ac33cd5f1aa5c4d88d450

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumWindowStationsW
ExcludeUpdateRgn

gdi32

CreatePatternBrush
GetTextCharset
AbortPath
GetGraphicsMode
SaveDC
FlattenPath
PolyBezierTo
SelectObject
CreateMetaFileA
GetBkMode
GetWindowExtEx
SetColorSpace
StrokePath
EnumFontFamiliesExA
GetKerningPairs
StrokeAndFillPath

comdlg32

ChooseFontW
PageSetupDlgA
ChooseFontA
PrintDlgW

wininet

InternetWriteFile
GopherGetAttributeA
UnlockUrlCacheEntryFile
InternetTimeFromSystemTime
FtpGetFileW
InternetConnectA
GetUrlCacheHeaderData
HttpOpenRequestA
HttpSendRequestW

advapi32

RegDeleteValueW
RegDeleteKeyW
StartServiceW
CryptAcquireContextW
RegEnumValueW
CryptSetProviderExW

kernel32

GetTimeFormatA
GetLocaleInfoW
SetEnvironmentVariableA
TerminateProcess
LocalLock
WaitForSingleObject
EnumResourceNamesA
GetStartupInfoA
GetCurrentProcessId
GetEnvironmentStringsW
GetStringTypeA
GetStartupInfoW
GetUserDefaultLCID
MapViewOfFile
GetDateFormatA
GetThreadPriorityBoost
EnterCriticalSection
RtlMoveMemory
VirtualAlloc
CompareStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetDateFormatW
ExitProcess
CompareStringA
EnumSystemLocalesA
GetTickCount
HeapFree
GetStdHandle
RtlUnwind
TlsFree
InterlockedExchange
GetSystemTimeAsFileTime
GetACP
QueryPerformanceCounter
IsDebuggerPresent
GetVersionExA
GetModuleHandleA
WideCharToMultiByte
IsValidCodePage
GetProcessHeap
LocalCompact
GetEnvironmentStrings
IsBadReadPtr
GetCommandLineA
LCMapStringW
IsValidLocale
GetCPInfo
GetModuleFileNameW
FreeEnvironmentStringsW
GetCalendarInfoA
DeleteCriticalSection
Sleep
HeapSize
GetModuleFileNameA
HeapCreate
GetCurrencyFormatW
InterlockedIncrement
GetStringTypeW
VirtualFree
GetCurrentProcess
GetProcAddress
GetLastError
OpenFileMappingA
SetLastError
GetFileType
FindFirstFileW
VirtualQuery
GetEnvironmentVariableA
LoadLibraryA
lstrlenW
HeapAlloc
InterlockedDecrement
LCMapStringA
SetConsoleCtrlHandler
TlsGetValue
MultiByteToWideChar
FreeEnvironmentStringsA
WriteFile
GetOEMCP
GetCommandLineW
SetHandleCount
GetLocaleInfoA
HeapDestroy
GetCurrentThread
SetLocaleInfoW
GetTimeZoneInformation
FreeLibrary
VirtualQueryEx
InitializeCriticalSection
LeaveCriticalSection
TlsAlloc
GetCurrentThreadId
HeapReAlloc
TlsSetValue

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e0ac65f514ac33cd5f1aa5c4d88d450

Headers

File Characteristics

Imports

user32

gdi32

comdlg32

wininet

advapi32

kernel32

Sections

.text Size: 132KB - Virtual size: 132KB

.rdata Size: 9KB - Virtual size: 14KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 132KB - Virtual size: 132KB

.rdata
Size: 9KB - Virtual size: 14KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 8KB - Virtual size: 7KB