98f9e4e7af94a908f7f3d9f1dabb5ab2b44051b0b575420210f01b78b2b427e1

Sharing

Copy URL Twitter E-mail

General

Target

98f9e4e7af94a908f7f3d9f1dabb5ab2b44051b0b575420210f01b78b2b427e1
Size

931KB
MD5

b32aa61a67d4729c904421efaf1c1174
SHA1

d94207d4dbcbbb983b0c59cecbb1e41c08ae61ab
SHA256

98f9e4e7af94a908f7f3d9f1dabb5ab2b44051b0b575420210f01b78b2b427e1
SHA512

fade325525c1956d47d34c76da173f6046a72ae6c85be2c199cfdfa379823bfcb170f0c9b00445c0aa5e3c8c3c2cd358533a39e1e21d75f3d47239b6c0ae46fe
SSDEEP

24576:SYvJKNpjK0+5RexEb/8JFEt3RYs0AmPbtJ:6p650JFENRfPmH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98f9e4e7af94a908f7f3d9f1dabb5ab2b44051b0b575420210f01b78b2b427e1

Files

98f9e4e7af94a908f7f3d9f1dabb5ab2b44051b0b575420210f01b78b2b427e1
.exe windows:5 windows x86 arch:x86

068ec95347c20ba939cd4c6d4e3f48f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
OpenMutexW
DecodePointer
CloseHandle
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
OutputDebugStringA
GetLastError
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringW
CopyFileW
CreateProcessW
CreateEventW
GetTickCount
DeleteFileW
MoveFileExW
Sleep
WaitForMultipleObjects
GetSystemInfo
InterlockedCompareExchange
GetModuleFileNameW
GetLongPathNameW
InterlockedIncrement
GetFileAttributesW
CreateFileW
ExpandEnvironmentStringsW
FindFirstFileW
FindNextFileW
FindClose
SetEnvironmentVariableW
RemoveDirectoryW
GetEnvironmentVariableW
GetProcAddress
GetModuleHandleW
GetFullPathNameW
GetCurrentDirectoryW
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
TerminateProcess
Process32NextW
GetFileTime
WriteFile
MultiByteToWideChar
GetStringTypeW
EncodePointer
IsDebuggerPresent
LocalFree
FormatMessageW
InterlockedDecrement
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
VirtualAlloc
VirtualFree
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
FileTimeToLocalFileTime
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
GetVersionExW
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
HeapFree
GetCommandLineW
ExitProcess
GetModuleHandleExW
CreateThread
ExitThread
LoadLibraryExW
GetFileAttributesExW
HeapAlloc
HeapReAlloc
ReadFile
RtlUnwind
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetProcessHeap
GetConsoleCP
GetConsoleMode
GetStdHandle
GetFileType
HeapSize
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
GetTimeZoneInformation
SetFilePointerEx
ReadConsoleW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetDriveTypeW
SetEndOfFile
SetEnvironmentVariableA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetTempPathW
GetTempFileNameW
ReleaseMutex
SetFilePointer
GetFileSize

user32

FindWindowW
IsWindow
SendMessageW
CharPrevExA
MessageBoxW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathRemoveFileSpecW
PathAddBackslashW
PathIsRelativeW
PathRemoveBackslashW
PathQuoteSpacesW
PathAppendW
SHCreateStreamOnFileEx
PathCanonicalizeW

winmm

timeGetTime

advapi32

RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW

shell32

SHFileOperationW
SHCreateDirectoryExW

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

VariantClear
SysFreeString
SysAllocString
SysAllocStringLen
VariantCopy
SysStringLen

Sections

.text
Size: 592KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

068ec95347c20ba939cd4c6d4e3f48f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

version

shlwapi

winmm

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 592KB - Virtual size: 592KB

.rdata Size: 206KB - Virtual size: 206KB

.data Size: 14KB - Virtual size: 52KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 104KB - Virtual size: 104KB

.text
Size: 592KB - Virtual size: 592KB

.rdata
Size: 206KB - Virtual size: 206KB

.data
Size: 14KB - Virtual size: 52KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 104KB - Virtual size: 104KB