99cdc0d35894acb2a2fbb1fb2bca2bae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99cdc0d35894acb2a2fbb1fb2bca2bae
Size

279KB
MD5

99cdc0d35894acb2a2fbb1fb2bca2bae
SHA1

ecc47ad88c325e06c5cda1e87434c78cb76a5b4a
SHA256

6e563c60d4dfb3fc62b82b80c16f0494cb542179651a9b3f57d1acbbbb0d4975
SHA512

c0ac5d88695508d2f1ac62034ebf66d5e5392b36b85dafc796dee1ca3273b2a34140fe1e3597570a58740ca3a280e002c5249d955e4cc70c2ca009b4e353a95b
SSDEEP

6144:0Aa2SabwYWnmDq3yZVvqjyItLLbThmuJvPsPRvUVF:PapaimWCZg+QLLbThmut

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99cdc0d35894acb2a2fbb1fb2bca2bae

Files

99cdc0d35894acb2a2fbb1fb2bca2bae
.exe windows:4 windows x86 arch:x86

ecd385626a0cdea5ac7f02aefa669574

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
DestroyWindow
EnumChildWindows
CreateWindowExW
GetDlgItem
IsWindow
GetWindowThreadProcessId

iphlpapi

GetIpAddrTable

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

AddAtomA
GetEnvironmentStringsW
GetOEMCP
UnhandledExceptionFilter
GetStartupInfoA
WriteFile
FreeEnvironmentStringsW
EnumResourceLanguagesA
GetNumberFormatW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCPInfo
SetUnhandledExceptionFilter

Sections

.text
Size: 142KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ