c99958a49e427bc7114036f2fca36ba4

Sharing

Copy URL Twitter E-mail

General

Target

c99958a49e427bc7114036f2fca36ba4
Size

167KB
MD5

c99958a49e427bc7114036f2fca36ba4
SHA1

77dca14d1e96bcc155462ddb6fb42f17ec3c7de7
SHA256

57adfb9ea81f6a1e5a4efedaf27fdb4f1a34680849f96a692c22c77fb172af70
SHA512

67e239c1e9afbae44e6405d4c623e3cd155c60c232dbbb780779ba4f0cac51225113aa864d3e6746f849677595b4d0d2522c4a7ea8f71e78b5127f4629839571
SSDEEP

3072:+P41a71FsmbfQakyZDGkszGmktiWxXkqGr/vdkJYOg+hRns5Rmd4:c4YmafiyZDGkszGmARGr/FmDVq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c99958a49e427bc7114036f2fca36ba4

Files

c99958a49e427bc7114036f2fca36ba4
.exe windows:4 windows x86 arch:x86

8c8424d767d2fb9692066ea9116720ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessTimes
Module32NextW
PeekConsoleInputA
FindNextFileW
WriteTapemark
GetLocaleInfoW
GetCurrentProcessId
ProcessIdToSessionId
VerifyVersionInfoW
OpenWaitableTimerA
GetStartupInfoA
GetModuleHandleA
IsBadCodePtr
FillConsoleOutputCharacterW
SetUnhandledExceptionFilter
GetCPInfo
SetCommConfig
FreeEnvironmentStringsW
GetHandleInformation
GetConsoleCP
MoveFileWithProgressW

msvcrt

_initterm
__set_app_type
_control87
fputs
__p__commode
_wspawnve
__setusermatherr
_exit
_memicmp
__p__fmode
__getmainargs
_adjust_fdiv
_adj_fdiv_m32i
exit
abort
_except_handler3
_heapmin
_mbsbtype
_fstat64
mbtowc
_acmdln
_chmod
strcat
_tell
_XcptFilter
_wfreopen
_setjmp3
_callnewh
_controlfp

user32

NotifyWinEvent
GetCursor
GetKeyboardLayoutNameW
DdeFreeStringHandle
GetSysColor
UnloadKeyboardLayout
DefWindowProcW
SetClassWord
GetNextDlgTabItem
SetPropA
EnumDisplaySettingsW
DrawTextA
GetScrollRange
LoadCursorW
CreateIconFromResource
DefFrameProcW
MessageBoxIndirectA
ScrollWindowEx
DdeEnableCallback
LockSetForegroundWindow
SetActiveWindow
RegisterHotKey
CharNextW
SystemParametersInfoW
InflateRect
LookupIconIdFromDirectory

gdi32

GetTextFaceA
RemoveFontResourceW
CreateEllipticRgnIndirect
BitBlt
GdiGetBatchLimit
DescribePixelFormat
CreateFontIndirectExW
TextOutW
SetWinMetaFileBits
GetTextCharset
RectInRegion
PlayMetaFile
ExtTextOutA
GetViewportOrgEx
GdiGetPageHandle
GetTextExtentExPointI
CreateDCW
PolyPolyline
AbortPath
CreatePalette
GetViewportExtEx
IntersectClipRect
PolyTextOutA
EndPage
SetBoundsRect
SwapBuffers

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c8424d767d2fb9692066ea9116720ad

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 512B - Virtual size: 64KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 512B - Virtual size: 64KB

.rsrc
Size: 10KB - Virtual size: 9KB