98434fd8f277b314d4c72ea34ec81790N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

98434fd8f277b314d4c72ea34ec81790N.exe
Size

6.5MB
MD5

98434fd8f277b314d4c72ea34ec81790
SHA1

6826037ec700542cf4786424bd407900dc1e1cab
SHA256

c6b870e73ad11191c6ec044899653762be8d5e02b7f2f8674b66f47eee835fc5
SHA512

79d0955814594e7dc1f5fc436fc0d20497fa8deaa323864c16743e4648204e36ac694f1405547765d7e7e4c65d3d4c36a823371b5fea2ddc34c477355444a97f
SSDEEP

98304:kd6W0Ppij4Ru7PItAk6sFtg6ub/U161Nf4J4DSvG6+5LyF6Z9qksvc+355Yd:k8nPY7CC6iU61Nf4TG6KWmdEcbd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98434fd8f277b314d4c72ea34ec81790N.exe

Files

98434fd8f277b314d4c72ea34ec81790N.exe
.dll windows:6 windows x86 arch:x86

00ae70f3e1396b67549261935509afb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
CreateFileW
GetModuleFileNameA
GetFileType
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
GetModuleHandleExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
ExpandEnvironmentStringsW
TlsFree
OpenFileMappingA
GetThreadTimes
GetStringTypeW
EnterCriticalSection
CreateNamedPipeA
RaiseException
GetStartupInfoW
CreateProcessA
TlsSetValue
TlsGetValue
GetTickCount
UnmapViewOfFile
CreateFileA
ExitProcess
GetSystemTime
FindNextFileW
GetLocalTime
FindClose
MultiByteToWideChar
GetConsoleCP
GetSystemTimeAsFileTime
WaitForSingleObject
HeapFree
GetCurrentProcess
SetEndOfFile
QueryPerformanceCounter
WideCharToMultiByte
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
RtlUnwind
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsAlloc
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent

user32

SetCursor
MapDialogRect
SendDlgItemMessageA
MessageBeep
CreateIconIndirect
GetKeyboardState
GetWindowPlacement
SetPropA
GetScrollInfo
GetWindowLongA
SetWindowsHookExA
DestroyCursor
CheckDlgButton
SetMenu
FlashWindow
SetWindowTextA
ValidateRgn
GetDlgItemTextA
GetCaretBlinkTime
DestroyIcon
CheckMenuItem
IsRectEmpty
ClientToScreen
GetWindowRect
TrackPopupMenu
IsZoomed
CreateMenu
SetScrollRange
GetDC
SetWindowLongA
SetClassLongA
DefWindowProcA
RedrawWindow
GetDesktopWindow
CreatePopupMenu
EnableScrollBar
AppendMenuA

gdi32

EndPage
BitBlt
SetTextColor
MaskBlt
SetDIBColorTable
CopyEnhMetaFileA
ExcludeClipRect
GdiFlush
GetRgnBox
GetEnhMetaFileHeader
CreatePalette
DeleteObject
CreateRectRgnIndirect
RealizePalette
SetWinMetaFileBits
TextOutA
GetBitmapBits
SetWindowExtEx
GetDIBits
SetPixel
RectInRegion
GetTextExtentExPointA
GetTextExtentPointA
CreatePen
SetROP2
IntersectClipRect
PolyPolyline

advapi32

GetLengthSid
CopySid

Sections

.text
Size: 561KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00ae70f3e1396b67549261935509afb7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 561KB - Virtual size: 560KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 561KB - Virtual size: 560KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 12KB