Static task: static1

Behavioral task: behavioral1
  Sample: 0b503f42e5c2c722599be6245cfadd54aee5b802a07d08001e75d7a661de95e1.exe
  Resource: win7-20230220-en

Behavioral task: behavioral2
  Sample: 0b503f42e5c2c722599be6245cfadd54aee5b802a07d08001e75d7a661de95e1.exe
  Resource: win10v2004-20230220-en
General
  Target: 0b503f42e5c2c722599be6245cfadd54aee5b802a07d08001e75d7a661de95e1
  Size: 1.9MB
  MD5: 9330252617a7366871c677a67880c4ae
  SHA1: e90b9c7bff4bd741e95edbe968dbbf5e0dc0585d
  SHA256: 0b503f42e5c2c722599be6245cfadd54aee5b802a07d08001e75d7a661de95e1
  SHA512: 0d1a78788fbe4dbd7c265f24a7cfaaafc383be21de7294798397fb1a67a55238f8247703846cc092a9fcac5a23a8af32c87a82abdf965d6af5e679536a333162
  SSDEEP: 49152:8FXretgPb1yV7t4rnFbjrDEtxOEYRleh4S5dz1nTNSXffkP0EIdCDrOv:UXqCb1yT4TBj3ETOEYbeuSRTNSXffkPm
Malware Config
Signatures
  Unsigned PE (1 IoC): checks for missing Authenticode signature.
    resource: 0b503f42e5c2c722599be6245cfadd54aee5b802a07d08001e75d7a661de95e1
Files
  0b503f42e5c2c722599be6245cfadd54aee5b802a07d08001e75d7a661de95e1.exe (windows x86)
    fadcd593b4c794cbe8a2697f9e0f957c
Headers
  DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEnvironmentVariableA
LockResource
MoveFileExA
GetProcessHeap
WriteConsoleW
SizeofResource
GetConsoleOutputCP
LoadResource
FindResourceA
GetDriveTypeA
QueryDosDeviceA
CreateFileA
CloseHandle
InterlockedDecrement
GetModuleFileNameA
SetCurrentDirectoryA
GetPrivateProfileStringA
lstrlenW
LoadLibraryA
GetProcAddress
FreeLibrary
GetLocalTime
GetSystemWindowsDirectoryA
GetLogicalDriveStringsA
DeleteFileA
GetSystemDirectoryA
MultiByteToWideChar
lstrcatA
SetUnhandledExceptionFilter
SetErrorMode
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
VirtualProtect
OutputDebugStringA
FormatMessageA
GetLastError
GetACP
WriteConsoleA
GetLocaleInfoW
CompareStringW
QueryPerformanceCounter
VirtualFree
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetVersionExA
ExitProcess
Sleep
CreateMutexA
SetThreadExecutionState
GetPrivateProfileIntA
WaitForSingleObject
GetVolumeInformationA
CreateThread
CreateDirectoryA
GetWindowsDirectoryA
WriteFile
SetFilePointer
GetFileSize
ReadFile
GetFileSizeEx
WritePrivateProfileStringA
FileTimeToSystemTime
SetThreadLocale
lstrlenA
MulDiv
LocalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileA
GlobalFree
SetLastError
FreeResource
GetModuleHandleA
GetModuleFileNameW
lstrcmpW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpA
InterlockedExchange
GetLocaleInfoA
EnumResourceLanguagesA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
SetHandleCount
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetStdHandle
LCMapStringW
LCMapStringA
IsValidCodePage
GetFileType
SetStdHandle
HeapSize
ExitThread
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ConvertDefaultLocale
GetCurrentThread
SetThreadPriority
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
LocalLock
LocalUnlock
FindResourceExA
GetProfileIntA
GetTickCount
SearchPathA
GetTempPathA
GetTempFileNameA
GetCurrentDirectoryA
lstrcpyA
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetModuleHandleW
GetFullPathNameA
FindFirstFileA
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GlobalReAlloc
GetFileTime
GetFileAttributesA
GetFileAttributesExA
FileTimeToLocalFileTime
GetThreadLocale
ResumeThread
WideCharToMultiByte
user32
UnpackDDElParam
ReuseDDElParam
InsertMenuItemA
TranslateAcceleratorA
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawIconEx
DrawFocusRect
DrawFrameControl
DrawEdge
GetNextDlgGroupItem
InvalidateRgn
SetRect
CharNextA
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageA
DestroyIcon
CopyImage
OpenClipboard
DrawStateA
RegisterClipboardFormatA
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsRectEmpty
InvalidateRect
ReleaseCapture
IsMenu
SetCapture
GetSystemMenu
DeleteMenu
SetClassLongA
WindowFromPoint
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableA
LoadAcceleratorsA
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
WaitMessage
PostThreadMessageA
LoadMenuA
SetRectEmpty
DestroyMenu
IsCharLowerA
InflateRect
UnregisterClassA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
LoadCursorA
GetDC
ReleaseDC
GetSysColorBrush
CharUpperA
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
EnableWindow
ShowWindow
SendMessageA
GetWindowRect
GetClientRect
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
MessageBeep
RedrawWindow
IsZoomed
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetKeyNameTextA
MapVirtualKeyExA
IsClipboardFormatAvailable
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffA
CopyIcon
SubtractRect
GetIconInfo
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetDoubleClickTime
CreateMenu
GetWindowRgn
DrawIcon
GetMenuItemInfoA
GetParent
LoadIconA
KillTimer
SetTimer
RegisterDeviceNotificationA
ClientToScreen
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
EndDialog
GetNextDlgTabItem
IsWindowEnabled
DestroyCursor
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
UnhookWindowsHookEx
GetWindow
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetMenu
PtInRect
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
CopyRect
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
GetSysColor
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
MessageBoxA
PostMessageA
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
GetKeyState
TrackPopupMenu
ScrollWindow
MapWindowPoints
PeekMessageA
GetMessagePos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
gdi32
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
CreateRectRgnIndirect
OffsetRgn
GetRgnBox
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
PatBlt
GetDIBits
RealizePalette
CombineRgn
TextOutA
SetPixel
CreateDIBSection
GetBkColor
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
RectVisible
GetDeviceCaps
CopyMetaFileA
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
StretchBlt
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExA
shell32
DragFinish
SHGetSpecialFolderPathA
SHCreateDirectoryExA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
SHAppBarMessage
ShellExecuteA
DragQueryFileA
ShellExecuteExA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFileExistsA
PathRemoveFileSpecW
oledlg
ord8
ole32
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitialize
CoInitializeEx
CoUninitialize
IsAccelerator
oleaut32
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
VariantInit
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
VariantChangeType
SysAllocStringLen
SysFreeString
VariantClear
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdiplusShutdown
GdiplusStartup
GdipDrawImageI
dbghelp
MiniDumpWriteDump
odbc32
ord17
ord41
ord10
ord61
ord3
ord16
ord2
ord1
ord15
ord9
ord14
ord20
ord8
ord48
ord49
ord11
ord19
ord12
ord46
ord18
ord13
ord59
ord43
ord68
ord44
ord45
ord50
ord51
ord5
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
  .text   Size: 1.4MB - Virtual size: 1.4MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 313KB - Virtual size: 313KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   Size: 27KB  - Virtual size: 54KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc   Size: 111KB - Virtual size: 111KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .reloc  Size: 151KB - Virtual size: 150KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ