d598ea96f604d64e891de915dd6e4980N

Sharing

Copy URL

Twitter E-mail

General

Target

d598ea96f604d64e891de915dd6e4980N
Size

147KB
MD5

d598ea96f604d64e891de915dd6e4980
SHA1

14243003587c98fc3dd383746fc79c734416a039
SHA256

0b88d3f95b2e803c515fa6a23936224efccc48ac66c46d0bf9b3434e77921b99
SHA512

c6c1e1e432dcb0b1059dee81ad3232763d89440d343421ddcc3f7e854b8bcb1163053dcc944f5707afc38f821a4385ee1fddc9783f2369c6d2fcb002ceee6318
SSDEEP

3072:8q4xVZT/inXoi+GLelKvRDNdZ0y4yehlIik6B7:+xVZro+jwn74yeh7FB7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d598ea96f604d64e891de915dd6e4980N

Files

d598ea96f604d64e891de915dd6e4980N
.exe windows:5 windows x86 arch:x86

88e69fbe1cee84c63285d70673560bf9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\kngfPTweAW\Xghnoym\RBLoKCh\fmnocpeI\izTPhmbfw.pdb

Imports

user32

GetShellWindow
GetDlgCtrlID
SendMessageTimeoutA
CreateDialogIndirectParamW
GetClassInfoExW
MonitorFromPoint
DeleteMenu
InflateRect
GetUserObjectInformationW
GetScrollInfo
CreateIconIndirect
GetClassInfoExA
LoadCursorW
LoadBitmapW
DrawEdge
OpenIcon
GetMessageA
CreateWindowExW
GetKeyboardLayout
CheckRadioButton
AllowSetForegroundWindow
GetKeyboardLayoutList
CreateAcceleratorTableW
GetWindowRect
OemToCharBuffA
SetScrollInfo
TrackPopupMenu
CharUpperA
SetSysColors
MessageBoxExW
GetMessageW
MessageBoxW
DispatchMessageW
IsCharUpperA
ScrollWindow
GetMenuItemInfoW
IsIconic
DefFrameProcW
CharPrevA
GetClipCursor
OemToCharA
SetDlgItemInt
ShowCaret
SetPropW
GetClassLongA
DialogBoxParamW
GetMessageTime
GetParent
GetWindow
GetMonitorInfoW
EndDialog
CharToOemA
SetTimer
ReplyMessage
SystemParametersInfoW
DefWindowProcW
SetFocus
MoveWindow
CopyImage
SetActiveWindow
LoadIconW
UpdateWindow
GetPropW
TranslateAcceleratorW
LoadMenuA
LookupIconIdFromDirectory
IsRectEmpty
LoadIconA
EnumThreadWindows
CopyRect
ChildWindowFromPoint
CharLowerBuffW
SendDlgItemMessageW
SetWindowLongW
CreateDialogParamW
MapDialogRect
VkKeyScanW
MonitorFromRect
MapWindowPoints
LoadStringA
ClipCursor
GrayStringW
PostQuitMessage
CopyAcceleratorTableW
AppendMenuA
DestroyAcceleratorTable
EnableScrollBar
SetRect
wvsprintfA
SetRectEmpty
RegisterClassW
GetMenuItemRect
CharToOemBuffA
SetLastErrorEx
CharLowerA
SetMenu
DestroyCursor
UnionRect
GetDlgItemTextA
InsertMenuW
ClientToScreen
FrameRect
GetLastActivePopup
GetMessageExtraInfo
ScreenToClient
ScrollWindowEx
FindWindowExW
AppendMenuW
CharUpperW
GetDC
GetDialogBaseUnits
GetWindowPlacement
TranslateAcceleratorA
MessageBoxExA
IsCharAlphaNumericW
DrawMenuBar
TabbedTextOutW
GetWindowTextLengthW
DialogBoxParamA
SetMenuItemBitmaps
DrawFrameControl

msvcrt

fgetc
wcspbrk
perror
_controlfp
isprint
puts
memset
gmtime
mbtowc
atol
wcscoll
__set_app_type
wcstod
remove
iswdigit
vswprintf
__p__fmode
__p__commode
_amsg_exit
setvbuf
malloc
wcsncmp
wcstombs
_initterm
isalpha
rand
_ismbblead
_XcptFilter
fputc
_exit
fgets
clearerr
strpbrk
isxdigit
clock
putc
towlower
islower
wcsstr
_cexit
iswprint
isspace
localtime
strrchr
__setusermatherr
__getmainargs
swscanf
strerror

kernel32

SetFileApisToOEM
GetSystemWindowsDirectoryW
GlobalUnlock
GlobalHandle
CreateDirectoryW
lstrlenW
FindResourceA
IsBadWritePtr
GetVersion
GetStartupInfoA
lstrcpyW
FormatMessageW
SetEndOfFile
OpenEventA
MoveFileW
DisconnectNamedPipe
lstrcatA
GetTempFileNameA
LoadLibraryA
FindNextFileW
GetSystemDefaultUILanguage
lstrcpyA
HeapWalk
GetComputerNameW
SetThreadLocale
VirtualQuery
CancelIo
GetFullPathNameW
LocalFree
GetLocalTime
CreateNamedPipeA
FindResourceExA
SearchPathA
GetModuleFileNameA
CopyFileW
LockResource
HeapCreate
FindResourceExW
GetNumberFormatA
FileTimeToLocalFileTime
AreFileApisANSI
SetCommBreak
QueryDosDeviceW
SetPriorityClass
CreateEventW
GetCommProperties
ConnectNamedPipe
SetFileAttributesA
ConvertDefaultLocale
GetCompressedFileSizeW
HeapReAlloc
GlobalGetAtomNameA
GetFullPathNameA
GetTempPathW
TlsGetValue
CreateFileMappingW

shlwapi

PathIsUNCW

Exports

Exports

?OwnerInitDescriptor@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ntrs
Size: 512B - Virtual size: 267B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mode
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88e69fbe1cee84c63285d70673560bf9

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

kernel32

shlwapi

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 89B

.ntrs Size: 512B - Virtual size: 267B

.ips3 Size: 1024B - Virtual size: 704B

.data Size: 3KB - Virtual size: 2KB

.mode Size: - Virtual size: 124KB

.rsrc Size: 111KB - Virtual size: 111KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 89B

.ntrs
Size: 512B - Virtual size: 267B

.ips3
Size: 1024B - Virtual size: 704B

.data
Size: 3KB - Virtual size: 2KB

.mode
Size: - Virtual size: 124KB

.rsrc
Size: 111KB - Virtual size: 111KB

.reloc
Size: 2KB - Virtual size: 1KB