99f5ef7f67495c6f76eb1d2bacc349f4

General

Target

99f5ef7f67495c6f76eb1d2bacc349f4
Size

554KB
MD5

99f5ef7f67495c6f76eb1d2bacc349f4
SHA1

0c2e8dd1a7026d220edb9e1dce0da3805de441ba
SHA256

7bff7ae4b5572d86139a52c0b99a041981cc06f9fd206a02401e3b2b63210b9a
SHA512

c2482d154e492af2bd76e09183032bd9cf314962ea400678b9bc28fcff713e6692c152eb2ff629377cfddfaf9b734442818f079a1b1994fc4387150d7b64d1e3
SSDEEP

3072:1LIISZoPCdMbrfjUaBFiHBY9ufnIpGXMkU63UGKpGVnPnF47Me24eisv+yhr8Wgq:1M5IsQeoGXM+31KpGVN+MEIr8POyNjfs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99f5ef7f67495c6f76eb1d2bacc349f4

Files

99f5ef7f67495c6f76eb1d2bacc349f4
.exe windows:4 windows x86 arch:x86

d764a2b044db265ef954a4e23632ff2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeA
SetVolumeLabelA
_lopen
ClearCommBreak
OutputDebugStringW
lstrcmpA
SetErrorMode
RemoveDirectoryA
_hread
WritePrivateProfileSectionA
GetTickCount
GetTempFileNameA
GetPrivateProfileSectionW
ExitProcess

oleaut32

SysStringLen
QueryPathOfRegTypeLi
SafeArrayGetLBound
LoadTypeLi
SafeArrayRedim

user32

EndPaint
LoadBitmapA
wsprintfA
HiliteMenuItem
SetScrollInfo
LoadMenuIndirectW
GetWindowTextW
DrawIconEx
CreateAcceleratorTableW
WinHelpW
OpenWindowStationW
ExcludeUpdateRgn
SwitchDesktop
GetDesktopWindow
DestroyAcceleratorTable
MenuItemFromPoint
ArrangeIconicWindows
GetClassNameW
MessageBeep
RemoveMenu
GetClipboardFormatNameW
InflateRect
FindWindowExW
AdjustWindowRectEx
PeekMessageW

gdi32

SetTextColor
CreatePalette
PaintRgn
PolylineTo

ws2_32

WSAGetLastError
recv
WSARecv
WSARecvFrom
WSAHtons

msvcrt

getchar
strrchr
_waccess
_strtime
iswalnum
putc
putchar
clearerr
_endthread
iswspace
system
freopen
strtok
_wcsnicmp
_wpopen
_snwprintf
fputwc
_stricoll
localeconv
strcspn
_setmode
wcscmp
difftime
fputws
_spawnv
wcsncpy
tolower

Sections

.text
Size: 302KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d764a2b044db265ef954a4e23632ff2f

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

gdi32

ws2_32

msvcrt

Sections

.text Size: 302KB - Virtual size: 302KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 231KB - Virtual size: 230KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 302KB - Virtual size: 302KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 231KB - Virtual size: 230KB

.rsrc
Size: 16KB - Virtual size: 16KB