a99517c3ee1c0e6c3a2e38ce745da97b

Sharing

Copy URL Twitter E-mail

General

Target

a99517c3ee1c0e6c3a2e38ce745da97b
Size

233KB
MD5

a99517c3ee1c0e6c3a2e38ce745da97b
SHA1

5f685d8a4e8331da0bff8b32ea6faf7dd2693754
SHA256

b9947cfe30d18c87330a85683f2858ac3ff8a3d6f09d6c635b60250c833614ed
SHA512

cce6c93856dbc5293c25d5403804708f9f0b5f540091ace18b885a19d4bdeb47f6c7e67f40d0436df68b1e99e1023db3f2edd6e83c8f99a56efd724d27b6b94d
SSDEEP

6144:1/qowoBMm6+5qTqQhy5JTaUc/Y8KKTYel/tIbxgA9:1/q1SMIwjhgJmY8KKTntIb6A9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a99517c3ee1c0e6c3a2e38ce745da97b

Files

a99517c3ee1c0e6c3a2e38ce745da97b
.exe windows:4 windows x86 arch:x86

83e5176c873a5ca25265e62924f03399

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
GetVolumeInformationA
LoadLibraryA
SetLocaleInfoA
GetFileAttributesW
EnumCalendarInfoA
DosDateTimeToFileTime
GetExpandedNameW
GetStartupInfoA
GetProcAddress
GlobalGetAtomNameA
ReplaceFileW
HeapCreate
GetACP
LoadLibraryExA
MoveFileW
SleepEx
AddAtomA
GetEnvironmentVariableA
GetCurrentThreadId
GetThreadPriority
FatalAppExitA
GetMailslotInfo
OpenSemaphoreW
OpenEventA
GetUserDefaultLangID
GlobalFindAtomW
EnumCalendarInfoW
lstrlenA
QueryPerformanceFrequency
lstrcmpW
GetStartupInfoW
lstrlen
GetShortPathNameA
lstrcatA
CreateEventA
AddAtomW
OpenFile
SetCurrentDirectoryW
BeginUpdateResourceW
GetCurrentDirectoryW
GetStringTypeA
LocalAlloc
CreateMutexA

user32

PeekMessageW
InsertMenuA
GetClassInfoA
MessageBoxIndirectA
GetSysColorBrush
PostMessageW
GetMessageW
InsertMenuItemW
OffsetRect
DefWindowProcW
SendDlgItemMessageW
GetForegroundWindow
EnumWindows
LoadImageA
SetDlgItemInt
DialogBoxIndirectParamA
GetIconInfo
PostQuitMessage
CharUpperW
CreateDialogParamW
GetSystemMetrics
CreateMenu

gdi32

CreateFontIndirectW
CreateDIBPatternBrushPt
RemoveFontResourceW
CreatePolygonRgn
GetRasterizerCaps
AddFontResourceW
CreateRectRgn
CreateEllipticRgn
CreateFontW
CreateFontIndirectExW
AddFontResourceA
StretchDIBits
CreateCompatibleDC

shell32

ShellExecuteExA
SHCreateDirectoryExW
StrCmpNW
StrCmpNIW
SHGetDiskFreeSpaceExA
ExtractIconExA
StrNCmpW

ole32

OleUninitialize
OleInitialize
CoGetMalloc
CoDosDateTimeToFileTime
CoGetObject
CoGetCallerTID
CoDeactivateObject
CLSIDFromString
CLSIDFromProgID
CoFileTimeNow

wininet

InternetOpenW
InternetSetDialStateW

oledlg

OleUICanConvertOrActivateAs
OleUIConvertW
OleUIPasteSpecialW
OleUIObjectPropertiesA
OleUIBusyW
OleUIUpdateLinksW
OleUIInsertObjectA
OleUIChangeSourceA

Sections

.o
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Aq
Size: 3KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JZ
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.peir
Size: 2KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jLps
Size: 3KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mk
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ShW
Size: 13KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ifSj
Size: 5KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83e5176c873a5ca25265e62924f03399

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

wininet

oledlg

Sections

.o Size: 2KB - Virtual size: 2KB

.Aq Size: 3KB - Virtual size: 36KB

.JZ Size: 83KB - Virtual size: 83KB

.peir Size: 2KB - Virtual size: 334KB

.a Size: 13KB - Virtual size: 13KB

.jLps Size: 3KB - Virtual size: 43KB

.mk Size: 82KB - Virtual size: 82KB

.ShW Size: 13KB - Virtual size: 325KB

.ifSj Size: 5KB - Virtual size: 422KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 1024B - Virtual size: 1024B

.o
Size: 2KB - Virtual size: 2KB

.Aq
Size: 3KB - Virtual size: 36KB

.JZ
Size: 83KB - Virtual size: 83KB

.peir
Size: 2KB - Virtual size: 334KB

.a
Size: 13KB - Virtual size: 13KB

.jLps
Size: 3KB - Virtual size: 43KB

.mk
Size: 82KB - Virtual size: 82KB

.ShW
Size: 13KB - Virtual size: 325KB

.ifSj
Size: 5KB - Virtual size: 422KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 1024B - Virtual size: 1024B