a999b0bf1df688080fe45cf4910899ff

Sharing

Copy URL Twitter E-mail

General

Target

a999b0bf1df688080fe45cf4910899ff
Size

518KB
MD5

a999b0bf1df688080fe45cf4910899ff
SHA1

bfa125b04ca32b5ff9d77baa2c043777938d986d
SHA256

1297665ee6f0370f00d412586ce7458494a57e9e02acbdd1aea0a95dea5d70e9
SHA512

5ff0abd52ff0538e65f161d796c7881ff0adc38d20e35e0aa88bccbc9cb013fea8915b1681553e5b350dacbdf76737f6ea06296b94a1caa555e2dbbb3de0ea08
SSDEEP

12288:fZYKJz+sVx67VcV7Db8ML+8HvBAgg1PkNANbDxGbak:fZYKJqsVcyV7DbXL+8H+9+Gfk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a999b0bf1df688080fe45cf4910899ff

Files

a999b0bf1df688080fe45cf4910899ff
.exe windows:4 windows x86 arch:x86

a7df1a858eaafd2f07ee376d61934a57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\phtenepem\alroet\bgocxz\gbdp\gpo\eesj.pdb

Imports

comctl32

ImageList_LoadImageA
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_Duplicate
ImageList_AddMasked
ImageList_GetIconSize
CreateMappedBitmap
InitCommonControlsEx
ImageList_Add
ImageList_GetFlags

kernel32

GetStringTypeW
LCMapStringW
GetStartupInfoA
GetCurrentProcessId
UnhandledExceptionFilter
EnumResourceLanguagesW
SetEnvironmentVariableW
GetSystemTime
HeapCreate
MultiByteToWideChar
SetFileAttributesA
VirtualQuery
GetFileType
GetACP
GlobalHandle
GetStdHandle
EnumSystemLocalesW
GetConsoleTitleW
GetWindowsDirectoryA
SetFilePointer
GetLogicalDriveStringsA
DeleteCriticalSection
MapViewOfFile
GetTimeZoneInformation
CreateSemaphoreA
GetStringTypeA
HeapSize
LeaveCriticalSection
LoadLibraryExA
WaitForMultipleObjectsEx
TlsSetValue
SetConsoleTitleW
LCMapStringA
OpenEventW
EnumResourceLanguagesA
CompareStringA
SetHandleCount
InitializeCriticalSection
WideCharToMultiByte
GetCPInfo
GetLastError
GetSystemInfo
VirtualProtect
GetModuleFileNameA
RtlUnwind
WaitForSingleObject
GetSystemTimeAsFileTime
SetLocalTime
CreateEventA
FindAtomW
GetUserDefaultLCID
OpenSemaphoreA
GetCommandLineA
GetCurrentThreadId
GetDriveTypeA
GetStartupInfoW
MoveFileExW
CompareStringW
HeapReAlloc
InterlockedIncrement
ExitProcess
GetDiskFreeSpaceExA
FillConsoleOutputCharacterW
CreateFileMappingW
CreateWaitableTimerW
GetFileAttributesExA
GetLocalTime
EnumTimeFormatsW
QueryPerformanceCounter
GetVersion
GetVersionExA
GetLongPathNameW
GetCurrentProcess
TlsFree
WriteProfileStringA
CreateMutexA
FlushViewOfFile
RtlZeroMemory
SystemTimeToTzSpecificLocalTime
LoadLibraryA
HeapDestroy
GetNamedPipeInfo
IsBadWritePtr
FindNextFileW
InterlockedDecrement
lstrcatA
EnumTimeFormatsA
WriteConsoleW
EnumResourceTypesA
GetProcAddress
SetEvent
OpenWaitableTimerW
GlobalFix
WriteConsoleOutputAttribute
GetTickCount
GetDateFormatW
GetOEMCP
SetEnvironmentVariableA
GetEnvironmentStringsW
SetConsoleWindowInfo
ReleaseSemaphore
TerminateProcess
TlsAlloc
HeapFree
LocalCompact
GetEnvironmentStrings
TerminateThread
FindFirstFileW
WritePrivateProfileSectionW
SetStdHandle
CloseHandle
GetCurrentThread
GetProfileIntA
GetLocaleInfoW
VirtualAlloc
FlushFileBuffers
GlobalLock
EnterCriticalSection
WriteFile
WriteConsoleOutputCharacterA
FreeEnvironmentStringsW
GetModuleHandleA
InterlockedExchangeAdd
PulseEvent
TlsGetValue
HeapValidate
VirtualFree
FindClose
ReadFile
GetSystemDefaultLangID
FreeEnvironmentStringsA
InterlockedExchange
HeapAlloc
SleepEx
GetPrivateProfileSectionNamesA
OpenMutexA
SetLastError

user32

SetWindowsHookW
GetTabbedTextExtentW
CharLowerA
GetCaretBlinkTime
GetWindowTextLengthW
ChangeMenuA
TileChildWindows
RegisterDeviceNotificationA
CreateWindowStationW
GrayStringW
RegisterClassA
FindWindowExW
MessageBoxW
GetProcessDefaultLayout
DestroyWindow
GetGUIThreadInfo
GetMessageExtraInfo
PostThreadMessageA
ReleaseCapture
CallMsgFilterA
GetSysColor
CharNextExA
UnregisterClassA
TranslateMDISysAccel
IsCharUpperA
DefWindowProcA
SwitchToThisWindow
EndTask
GetScrollInfo
CloseDesktop
DdeQueryConvInfo
ShowWindow
RegisterClassExA
SetShellWindow
CheckMenuItem
DrawTextExW
DdeGetLastError
IsDialogMessage
GetComboBoxInfo
CreateWindowExA

gdi32

GetObjectA
GetGlyphOutlineW
GetEnhMetaFileDescriptionA
SetICMProfileW
CreateColorSpaceA
CreateDIBitmap
GetEnhMetaFileA
PlayMetaFileRecord
LPtoDP
SetDIBitsToDevice
DeleteDC
SetColorSpace
OffsetClipRgn
SwapBuffers
EnumFontFamiliesExA
ColorMatchToTarget
BeginPath
GetSystemPaletteUse
GetDeviceCaps
RoundRect
DeleteObject
StretchBlt
CreateFontIndirectW
EnumMetaFile
CreateDCW
CreatePolyPolygonRgn
ResetDCA

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7df1a858eaafd2f07ee376d61934a57

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 249KB - Virtual size: 248KB

.data Size: 111KB - Virtual size: 141KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 249KB - Virtual size: 248KB

.data
Size: 111KB - Virtual size: 141KB

.rsrc
Size: 17KB - Virtual size: 16KB