99f0a2b20ae435798bde411be2b5ff0b

Sharing

Copy URL

Twitter E-mail

General

Target

99f0a2b20ae435798bde411be2b5ff0b
Size

612KB
MD5

99f0a2b20ae435798bde411be2b5ff0b
SHA1

2658759d9f05279c32b576b34fd58a96e4aaeaea
SHA256

3aadb0a98826058ab35e341222dcd0aed87ad265e17629f3dfcfd21e48bd8c0a
SHA512

28a7cb59bcc58763f1263650be0af3dbff0e03d36a0d5956e52c190d6a6829c44a7730c5698ef014e0853a1b32f8b68b87a58648bfd9ad6ead97089d9d9a35d5
SSDEEP

12288:OxGKVZ0J/oItrweiJqU7BEefqSPP+3O/o23FP3Y5pzM5:OdZ0J/ohj7Blvoo3i45

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99f0a2b20ae435798bde411be2b5ff0b

Files

99f0a2b20ae435798bde411be2b5ff0b
.exe windows:4 windows x86 arch:x86

7b6b9d6e553e6181376391eef8e77367

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
DebugBreak
GetFileType
GetLastError
GetCurrentProcess
FreeEnvironmentStringsA
FlushFileBuffers
GetLocaleInfoW
GetProfileIntA
CompareStringA
InterlockedDecrement
GetStdHandle
Sleep
IsValidCodePage
EnumResourceNamesW
SetFilePointer
TlsFree
GetConsoleCP
TerminateProcess
GetProcAddress
VirtualFree
SetUnhandledExceptionFilter
QueryPerformanceCounter
HeapFree
GetCurrentThread
GetProcAddress
GlobalCompact
FreeEnvironmentStringsW
EnumResourceNamesA
GetStringTypeW
CompareStringW
GetSystemInfo
GetTempPathA
WriteConsoleA
EnterCriticalSection
IsValidLocale
WriteFile
GetEnvironmentStrings
GetCurrentThreadId
TlsGetValue
HeapSize
ReadFile
CloseHandle
GetLongPathNameW
GetCurrentProcessId
GetEnvironmentVariableW
SetComputerNameW
GetConsoleMode
CreateDirectoryW
GetLocaleInfoA
SetEnvironmentVariableA
SetHandleCount
TlsAlloc
GetThreadLocale
InterlockedIncrement
GetTickCount
FlushViewOfFile
HeapReAlloc
GetModuleFileNameA
OpenSemaphoreA
GetModuleHandleA
LeaveCriticalSection
HeapAlloc
EnumResourceTypesA
LoadLibraryA
GetCommandLineA
GetCPInfo
GetTimeZoneInformation
LCMapStringW
SetLastError
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetCurrencyFormatW
GetDateFormatA
GetModuleHandleW
UnlockFileEx
CreateFileA
CreateMutexA
GetStringTypeA
RtlUnwind
GetTimeFormatA
IsDebuggerPresent
SetConsoleCtrlHandler
GetEnvironmentStringsW
HeapCreate
GetSystemTimeAsFileTime
UnhandledExceptionFilter
OpenMutexA
FileTimeToDosDateTime
WriteConsoleW
GetOEMCP
GetStartupInfoA
EnumDateFormatsW
ExitProcess
VirtualProtectEx
GetConsoleOutputCP
MultiByteToWideChar
FreeLibrary
HeapDestroy
EnumSystemLocalesA
VirtualAlloc
WriteConsoleOutputCharacterW
GetCalendarInfoA
InterlockedExchange
SetStdHandle
DeleteCriticalSection
lstrcpyA
VirtualQuery
TlsSetValue
GetFileSize
GetACP
GetUserDefaultLCID

gdi32

SetBitmapBits
PolyTextOutA
SetDIBitsToDevice
AddFontResourceW

shell32

SHInvokePrinterCommandW
DuplicateIcon

wininet

InternetCombineUrlW
GopherCreateLocatorA
UnlockUrlCacheEntryFileA
HttpSendRequestExA
InternetSetOptionW

user32

CheckDlgButton
SetShellWindow
DrawStateA
SwitchDesktop
GetUserObjectInformationW
ClientToScreen
TabbedTextOutA
SetClipboardData
WindowFromPoint
GetCursorInfo
IntersectRect
ScreenToClient
CharPrevW
DialogBoxParamA
DefWindowProcA
SetScrollInfo
SetRectEmpty
DrawFrame
GetGUIThreadInfo
LoadStringW
SetActiveWindow
CreateDialogIndirectParamA
DdeUnaccessData
GetShellWindow
ReuseDDElParam
CascadeWindows
SetDeskWallpaper
SetClassWord
CallMsgFilterA
CreateMDIWindowW
GetKeyboardLayout
RemoveMenu
DrawTextExA
TileWindows
DdeFreeDataHandle
DispatchMessageA
InsertMenuA
DdeKeepStringHandle
GetKeyboardType
AttachThreadInput
RegisterClassA
ToAsciiEx
DefMDIChildProcA
CreateWindowStationA
DdeInitializeA
EnumDisplaySettingsA
RegisterClassExA
MapWindowPoints

comctl32

ImageList_Add
ImageList_DragShowNolock
ImageList_SetImageCount
CreatePropertySheetPageW
ImageList_GetIcon
ImageList_Copy
ImageList_SetFilter
ImageList_GetImageCount
CreatePropertySheetPageA
ImageList_Draw
ImageList_Duplicate
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_DrawIndirect
DrawStatusTextW
ImageList_Replace
ImageList_AddMasked

advapi32

RegSaveKeyW
RegEnumValueW
CryptSetProvParam
LogonUserA
RegQueryValueW
CryptContextAddRef
DuplicateToken
CryptGetKeyParam
InitializeSecurityDescriptor
CryptHashSessionKey
LookupAccountNameW
CryptDeriveKey
CryptGetDefaultProviderW
RegQueryInfoKeyA
GetUserNameW

Sections

.text
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b6b9d6e553e6181376391eef8e77367

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

wininet

user32

comctl32

advapi32

Sections

.text Size: 188KB - Virtual size: 184KB

.rdata Size: 260KB - Virtual size: 258KB

.data Size: 116KB - Virtual size: 140KB

.rsrc Size: 44KB - Virtual size: 42KB

.text
Size: 188KB - Virtual size: 184KB

.rdata
Size: 260KB - Virtual size: 258KB

.data
Size: 116KB - Virtual size: 140KB

.rsrc
Size: 44KB - Virtual size: 42KB