Static task: static1
Behavioral task: behavioral1
  Sample: 0fe1f97cecf8c4c1a2a748989cd05809ecbe95031553efc32f8d24ac0dc8db79.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 0fe1f97cecf8c4c1a2a748989cd05809ecbe95031553efc32f8d24ac0dc8db79.exe
  Resource: win10v2004-20230915-en
General
Target: 0fe1f97cecf8c4c1a2a748989cd05809ecbe95031553efc32f8d24ac0dc8db79
Size: 960KB
MD5: 813db4ae315f9339b8c17e0b06cf9151
SHA1: 18a3a755b25dbcb6a7fc07b090d29f189e89ce41
SHA256: 0fe1f97cecf8c4c1a2a748989cd05809ecbe95031553efc32f8d24ac0dc8db79
SHA512: 4390b5cdb1d19e914683ffb2e57e6392e822bd757693f54b7410b09edf91b2d31a0d2a51e7efac481a71611e9b135ae83dffb06eecb9c868a3536c4972938797
SSDEEP: 24576:pMq1PKw2rZCCcTE7NyJVnHtAbkU09XZXze:miKw2rYC2qNyJVL9XZy
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 0fe1f97cecf8c4c1a2a748989cd05809ecbe95031553efc32f8d24ac0dc8db79
Files
0fe1f97cecf8c4c1a2a748989cd05809ecbe95031553efc32f8d24ac0dc8db79.exe  windows:4 windows x86  f7f137adf6d9d37c58006f8eb013911d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileTime
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
ExitProcess
HeapSize
HeapDestroy
HeapCreate
GetStdHandle
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetProfileIntA
GetTickCount
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
WritePrivateProfileStringA
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
SuspendThread
ResumeThread
SetThreadPriority
FreeResource
GetCurrentProcessId
CopyFileA
LocalFree
MulDiv
DebugBreak
GetVersionExA
GlobalFree
FreeLibrary
lstrcpynA
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetLastError
RaiseException
SetFilePointer
GetComputerNameA
GetModuleFileNameA
GetCurrentProcess
GetACP
FormatMessageA
CloseHandle
GetCurrentThreadId
ResetEvent
CreateEventA
TerminateThread
WriteFile
GetCurrentThread
SetEvent
WaitForSingleObject
CreateFileA
DeleteFileA
EnterCriticalSection
GetFileAttributesA
LeaveCriticalSection
Sleep
LockResource
SizeofResource
LoadResource
FindResourceA
GetVersion
CompareStringA
GetLastError
InterlockedExchange
GlobalUnlock
lstrlenW
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalSize
lstrlenA
VirtualFree
user32
KillTimer
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
SetParent
GetDCEx
LockWindowUpdate
PostThreadMessageA
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetRectEmpty
IsZoomed
DestroyMenu
InflateRect
CharNextA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
ShowWindow
MoveWindow
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
TrackPopupMenu
GetScrollRange
SetForegroundWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
PeekMessageA
ValidateRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
GetWindowLongA
SetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
CheckMenuItem
GetMenuState
GetMenuItemID
EqualRect
InsertMenuA
ScreenToClient
FillRect
DrawTextA
GetKeyState
GetFocus
GetDesktopWindow
GetMenuItemCount
PostMessageA
GetWindow
UpdateWindow
DrawFocusRect
ReleaseDC
GetSysColor
InvalidateRgn
CopyAcceleratorTableA
UnregisterClassA
GetSysColorBrush
CopyRect
IsIconic
ReleaseCapture
SetCapture
SetRect
IsRectEmpty
GetMenu
WindowFromPoint
DrawIcon
GetClientRect
ExitWindowsEx
GetCursorPos
CreatePopupMenu
AppendMenuA
GetSystemMetrics
UnregisterHotKey
RegisterHotKey
GetSubMenu
LoadMenuA
InvalidateRect
EnableMenuItem
GetMessagePos
IsWindow
SetCursor
SetTimer
GetWindowRect
PtInRect
GetDC
LoadCursorA
GetParent
LoadIconA
SendMessageA
SetWindowTextA
EnableWindow
CloseClipboard
CharUpperA
EmptyClipboard
OpenClipboard
SetClipboardData
DefWindowProcA
gdi32
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
CreatePen
GetBkColor
GetTextColor
SetRectRgn
CombineRgn
GetMapMode
GetRgnBox
MoveToEx
LineTo
IntersectClipRect
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
CreateSolidBrush
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateRectRgnIndirect
CreateBitmap
CopyMetaFileA
GetDeviceCaps
CreateCompatibleBitmap
CreateFontIndirectA
GetTextExtentPoint32A
GetCharWidthA
GetTextMetricsA
DeleteDC
CreateDIBSection
StretchBlt
SetDIBColorTable
DeleteObject
SelectObject
CreateCompatibleDC
GetDIBColorTable
GetObjectA
SelectClipRgn
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
OpenProcessToken
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
shell32
Shell_NotifyIconA
ShellExecuteA
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
RevokeDragDrop
OleFlushClipboard
OleInitialize
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
CoTaskMemFree
CoLockObjectExternal
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
RegisterDragDrop
OleIsCurrentClipboard
DoDragDrop
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
OleUninitialize
oleaut32
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
SysStringLen
SysAllocString
SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime
gdiplus
GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipDrawImageI
GdiplusStartup
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImageHeight
GdipFree
GdiplusShutdown
GdipBitmapUnlockBits
GdipGetImagePixelFormat
wininet
InternetCloseHandle
InternetOpenA
HttpSendRequestA
InternetSetStatusCallback
InternetGetCookieA
InternetSetCookieA
InternetAttemptConnect
HttpOpenRequestA
InternetSetOptionA
InternetReadFile
InternetCrackUrlA
InternetReadFileExA
InternetConnectA
InternetOpenUrlA
HttpQueryInfoA
Sections
.text   Size: 760KB - Virtual size: 758KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata  Size: 144KB - Virtual size: 140KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 16KB - Virtual size: 29KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 36KB - Virtual size: 36KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE