c99d95f8851140f7aed5a898b67ec228

Sharing

Copy URL Twitter E-mail

General

Target

c99d95f8851140f7aed5a898b67ec228
Size

177KB
MD5

c99d95f8851140f7aed5a898b67ec228
SHA1

e3d0d28b48d2195e2759bd48b43c85b8ab071dc1
SHA256

561eab4ae7d0f99eaa5610e5f26746f72d09982a84fb3234a49514e4510615df
SHA512

b0280cbc2c091913f7588e4ace0a9708b258d08c81050db6b53161a9e049e9f4343678b6e389fce974006887f1006a3f2bfd385e2c4fb1374655e55e22640013
SSDEEP

3072:guTXFLR/SMiiyu8/g81PzjTU4DE+ohDfVrjYLNLK8TtzdqSZO9cR0b:BTXFxiixYPjU4IJ65LKEnryS0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c99d95f8851140f7aed5a898b67ec228

Files

c99d95f8851140f7aed5a898b67ec228
.exe windows:4 windows x86 arch:x86

914273a88ef1f06392f52755e434fabc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetFileSize
GetCurrentProcess
GlobalLock
GetProfileStringW
ExitProcess
GetCurrentThread
lstrcmpW
LoadLibraryA
GetCalendarInfoW
SetCurrentDirectoryA
GetDateFormatA
GetWindowsDirectoryA
GetProcAddress
GetCurrentProcessId
SetThreadPriority
GetTempPathW
FreeLibrary
ReleaseMutex
WaitForSingleObject
MultiByteToWideChar
LeaveCriticalSection
CreateSemaphoreA
Sleep
GetThreadLocale
TlsGetValue
GetEnvironmentVariableW
GetSystemInfo
IsProcessorFeaturePresent
GlobalSize
WideCharToMultiByte
GetFileTime
InterlockedIncrement
FindClose
EnumResourceNamesA
GlobalFree
GetSystemDirectoryA
EnterCriticalSection
InterlockedCompareExchange
ReadFile
GlobalAlloc
GetModuleHandleA
GetSystemTimeAsFileTime
FindFirstFileA
CreateFileA
GetDateFormatW
GetLocaleInfoA
QueryPerformanceCounter
GetUserDefaultLangID
GetTimeFormatA
GetTickCount
GetVersionExA
GetModuleFileNameA
IsDebuggerPresent
InitializeCriticalSection
SetUnhandledExceptionFilter
GetLocalTime
UnhandledExceptionFilter
GlobalUnlock
GetSystemDefaultLCID
GetThreadPriority
FindNextFileA
GetCurrentThreadId
DeleteCriticalSection
TlsFree
TerminateProcess
GetACP
GetCurrentDirectoryA
CreateMutexA
GetLastError
TlsSetValue
CloseHandle
DeleteFileW
LocalAlloc
ReleaseSemaphore
GetTimeFormatW
lstrlenW
RaiseException

user32

GetActiveWindow
MonitorFromPoint
GetMonitorInfoA
CreateWindowExA
SetWindowPos
OffsetRect
GetDC
SetActiveWindow
WindowFromDC
EnumDisplayMonitors
DestroyWindow
ReleaseDC
LoadIconA
ScrollWindowEx
CharNextW
RegisterClassA
LoadCursorA
GetWindowRect
GetClientRect
GetDesktopWindow
DefWindowProcA
GetSystemMetrics
MonitorFromWindow
UnregisterClassA

gdi32

EqualRgn
SetPolyFillMode
ExtSelectClipRgn
ExtCreatePen
EndDoc
Rectangle
SetMiterLimit
BeginPath
DeleteDC
StrokePath
GetStockObject
CreateICW
PolylineTo
ModifyWorldTransform
StretchBlt
SaveDC
GetGraphicsMode
GetViewportOrgEx
DeleteObject
AbortDoc
ExtEscape
SelectClipPath
SetROP2
RealizePalette
StretchDIBits
CloseFigure
SetBrushOrgEx
Escape
PatBlt
GetDIBColorTable
GetObjectA
GetRgnBox
SetStretchBltMode
GetClipBox
CreateDIBSection
MoveToEx
SelectClipRgn
LineTo
CreateCompatibleDC
CreateRectRgn
ResetDCW
BitBlt
SetWorldTransform
SetDIBits
SelectObject
EndPage
StartPage
RestoreDC
StartDocW
EndPath
GetCurrentObject
OffsetRgn
CreatePolyPolygonRgn
CreatePalette
GetRegionData
FillPath
CreateCompatibleBitmap
GetWorldTransform
SelectPalette
CreateBitmap
CreateDCW
CreateBrushIndirect
IntersectClipRect
CreatePatternBrush
CombineRgn
GetDeviceCaps
SetGraphicsMode
PolyBezierTo
PolyDraw

shlwapi

PathRemoveFileSpecA
PathAppendA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

ole32

OleIsCurrentClipboard
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter
CoGetProcessIdentifier
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
CoInitialize
OleInitialize
CoGetClassObject
CoCreateInstance
CreateILockBytesOnHGlobal
CoUninitialize
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CoRevokeClassObject
StgOpenStorageOnILockBytes
CLSIDFromString

msimg32

AlphaBlend

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

914273a88ef1f06392f52755e434fabc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

advapi32

ole32

msimg32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 68KB - Virtual size: 67KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 68KB - Virtual size: 67KB

.edata
Size: 1024B - Virtual size: 92KB