b0ad41aff16105bbe2177af2b1a5ced0562991f410b31991904dfb730ccb9a01

Sharing

Copy URL Twitter E-mail

General

Target

b0ad41aff16105bbe2177af2b1a5ced0562991f410b31991904dfb730ccb9a01
Size

792KB
MD5

75e04a94c7707d99b9eaa61590e67f4f
SHA1

91d27f2f07a79e38330ce406f99c717b4a48ac94
SHA256

b0ad41aff16105bbe2177af2b1a5ced0562991f410b31991904dfb730ccb9a01
SHA512

e693683a3385db72ffaf6779ffe06d44cc63777d914904b72a270aa24d0425f6edd880d27019b457ab4eaf8634d42cb09097ae634901ab7d034da01ab077985d
SSDEEP

24576:YD4utt2FYIugi5flTybd50fi8xZq3nMlBn:wbybU68LwnMv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0ad41aff16105bbe2177af2b1a5ced0562991f410b31991904dfb730ccb9a01

Files

b0ad41aff16105bbe2177af2b1a5ced0562991f410b31991904dfb730ccb9a01
.exe windows x86

9160d7e1d64e9a6876cd6f5b97a31890

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetCPInfo
GetOEMCP
SetErrorMode
HeapAlloc
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetTimeZoneInformation
ExitThread
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
TlsFree
SetStdHandle
GetFileType
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetHandleCount
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDriveTypeA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
IsProcessorFeaturePresent
InterlockedCompareExchange
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetThreadLocale
GetModuleFileNameW
WritePrivateProfileStringA
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetCurrentProcessId
GlobalAddAtomA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
FreeLibrary
GlobalDeleteAtom
GetModuleHandleA
GlobalFree
WaitForSingleObjectEx
SetEvent
SetThreadPriority
GetSystemTimeAsFileTime
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileTime
GetCurrentDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
FindFirstFileA
FindClose
FormatMessageA
LocalAlloc
LocalFree
GetFileTime
ReadFile
CreateDirectoryA
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
SetFileAttributesA
GetFileSize
WriteFile
CreateFileA
WaitForSingleObject
CreateThread
CloseHandle
CreateMutexA
CreateEventA
GetFileAttributesA
DeleteFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateProcessA
SetLastError
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
lstrcmpA
FlushInstructionCache
LoadLibraryA
GetProcAddress
TerminateProcess
GetCurrentProcess
Sleep
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
InterlockedDecrement
InterlockedIncrement
IsBadWritePtr
GetModuleFileNameA
lstrlenA
CompareStringW
CompareStringA
lstrlenW
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
HeapSize
InterlockedExchange

user32

RegisterClipboardFormatA
PostThreadMessageA
GetSysColorBrush
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetActiveWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
UpdateWindow
GetMenu
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
FlashWindowEx
GetClipboardData
CharUpperA
DrawIcon
CreatePopupMenu
CloseClipboard
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
MessageBoxW
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
PostQuitMessage
CreateAcceleratorTableA
CreateWindowExA
RegisterClassExA
LoadCursorA
GetClassInfoExA
IsWindow
SetFocus
GetFocus
UnregisterClassA
MessageBeep
GetWindow
DestroyAcceleratorTable
GetNextDlgGroupItem
SetRect
IsRectEmpty
CopyAcceleratorTableA
CopyRect
AppendMenuA
SendMessageA
PostMessageA
IsIconic
GetClientRect
SetTimer
GetDesktopWindow
ShowScrollBar
OpenClipboard
EnableWindow
LoadIconA
SetWindowLongA
GetWindowLongA
GetCursorPos
GetSystemMetrics
GetWindowRect
FindWindowA
ShowWindow
DefWindowProcA
GetSysColor
CharNextA
MoveWindow
SetWindowPos
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
IsChild
GetParent
GetDlgItem
GetClassNameA
ReleaseCapture
FillRect
DestroyWindow
CallWindowProcA
BeginPaint
EndPaint
IsDialogMessageA

gdi32

ExtSelectClipRgn
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
GetWindowExtEx
CreateRectRgnIndirect
CreateCompatibleDC
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
ExtTextOutA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetStockObject
GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
DeleteObject
SelectObject
DeleteDC
GetViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
PathFindExtensionA

oledlg

ord8

ole32

CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemFree
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CoTaskMemAlloc
OleLockRunning
StringFromGUID2
CoCreateInstance
CoRevokeClassObject

oleaut32

SysStringLen
SysAllocStringLen
SysAllocString
SysStringByteLen
VariantInit
VariantClear
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
DispCallFunc
SysAllocStringByteLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
SysFreeString
VariantCopy
SafeArrayDestroy
GetErrorInfo

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenA
InternetSetOptionA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

ws2_32

WSACleanup
WSAStartup
recvfrom
inet_ntoa
htons
socket
bind
closesocket
getsockname
inet_addr
ioctlsocket
getsockopt
setsockopt
sendto
gethostname
gethostbyname
ntohs
htonl

Sections

.text
Size: 528KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9160d7e1d64e9a6876cd6f5b97a31890

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

ws2_32

Sections

.text Size: 528KB - Virtual size: 526KB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 20KB - Virtual size: 43KB

.rsrc Size: 80KB - Virtual size: 77KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 528KB - Virtual size: 526KB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 20KB - Virtual size: 43KB

.rsrc
Size: 80KB - Virtual size: 77KB

.rmnet
Size: 60KB - Virtual size: 60KB