0b97f68f743a2b99b9f4b8e9cc0ded174003fc91461c07ac8d2c79f2112f8152

Sharing

Copy URL

Twitter E-mail

General

Target

0b97f68f743a2b99b9f4b8e9cc0ded174003fc91461c07ac8d2c79f2112f8152
Size

10.2MB
MD5

7199a6ac01a601402ecf5b8f1b6aa968
SHA1

cf0b5b3f5d074d750542d42b8d98f0cf18767376
SHA256

0b97f68f743a2b99b9f4b8e9cc0ded174003fc91461c07ac8d2c79f2112f8152
SHA512

2a055a3bfa6309d693c9ff52e58f914bd9d5822965c6ce948b906d9a00be5dfa3d60104f3e8158c22fdd5ea033ca3637a35d7b3943512f7dac030ac01f7032b5
SSDEEP

196608:rc/yILky5mNrjs6qNaIYQdTiyhpx9fvx7:8Lh5mZzqNaaGyrvx7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b97f68f743a2b99b9f4b8e9cc0ded174003fc91461c07ac8d2c79f2112f8152

Files

0b97f68f743a2b99b9f4b8e9cc0ded174003fc91461c07ac8d2c79f2112f8152
.exe windows:4 windows x86

cc26a027a1e0e222dc9c51d9ce4679c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

toolkitpro1201vc60

?GetImageManager@CXTPTaskPanel@@QBEPAVCXTPImageManager@@XZ

mfc42

ord4532

msvcrt

__RTtypeid

kernel32

WideCharToMultiByte
VirtualQuery
VirtualProtect
EnterCriticalSection
LeaveCriticalSection
GetTickCount64
LoadLibraryA
GetCurrentThreadId
GetModuleFileNameA
GetLastError
GetModuleHandleA
GetProcAddress
SuspendThread
ResumeThread
ExitProcess
Thread32Next
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
OpenThread
CloseHandle
GetThreadId
TerminateThread
WaitForSingleObject
CreateThread
WakeConditionVariable
GetProcessHeap
HeapAlloc
HeapFree
OpenProcess
ReadProcessMemory
GetSystemInfo
TlsGetValue
GetCurrentProcess
TerminateProcess
TlsSetValue
InitializeConditionVariable
InitializeCriticalSection
GetCommandLineA
CreateEventA
GetModuleHandleW
GetModuleFileNameW
SleepConditionVariableCS
TlsFree
LocalAlloc
TlsAlloc
LocalFree
IsWow64Process
FormatMessageA
HeapReAlloc
GetCurrentThread
VirtualAlloc
GetThreadContext
VirtualFree
IsDebuggerPresent
ResetWriteWatch
GetWriteWatch
GetTickCount
GetACP
GetOEMCP
GetThreadLocale
GetSystemDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultLangID
GetSystemDefaultLCID
GetThreadUILanguage
PostQueuedCompletionStatus
SetLastError
GetFileType
QueryDosDeviceW
ReleaseMutex
FlushViewOfFile
CreateMutexA
UnmapViewOfFile
FreeLibrary
Module32First
GetCurrentDirectoryA
Module32Next
GetModuleHandleExA
CreateFileMappingA
WriteProcessMemory
InterlockedCompareExchange
InterlockedIncrement
SetThreadPriority
OutputDebugStringA
InterlockedExchangeAdd
OpenMutexA
InterlockedDecrement
CreateFileA
WriteFile
ReadFile
DeviceIoControl
GetVolumeInformationA
GetEnvironmentVariableA
GetSystemTime
SystemTimeToFileTime
CreateProcessW
GetEnvironmentVariableW
GetExitCodeThread
CreateFileW
GetProcessTimes
GetFileInformationByHandle
WideCharToMultiByte
GetVersionExA
DuplicateHandle
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
FindFirstFileW
SetErrorMode
GetVersion
GetLocalTime
FindFirstFileA
GetFileSize
FindNextFileA
GetComputerNameExW
LoadLibraryExA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTimeZoneInformation
CreateDirectoryW
SwitchToFiber
ConvertThreadToFiber
DeleteFiber
FlushFileBuffers
GetLogicalDrives
GetDriveTypeA
DeleteFileW
RemoveDirectoryW
CreateSemaphoreA
SearchPathA
OpenSemaphoreA
ReleaseSemaphore
SetFilePointerEx
SwitchToThread
GetComputerNameW
MultiByteToWideChar
SetFileAttributesW
FindNextFileW
MoveFileExW
DefineDosDeviceA
QueryDosDeviceA
SetEndOfFile
GetExitCodeProcess
CreateProcessA
OpenFileMappingA
HeapSize
ReadConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
IsValidCodePage
FindFirstFileExW
FindClose
SetEvent
MapViewOfFile
Sleep
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwind
InterlockedFlushSList
RaiseException
LoadLibraryExW
GetStdHandle
GetModuleHandleExW
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
GetFileSizeEx
WriteConsoleW

user32

EnableWindow
UnhookWindowsHookEx
SetWindowsHookExA
SendMessageA
MessageBoxA
EnumWindows
ShowWindow
GetDlgItem
CallNextHookEx
GetWindowThreadProcessId

gdi32

CreateCompatibleDC

shell32

ShellExecuteA

comctl32

ImageList_BeginDrag

ole32

CoUninitialize

olepro32

ord251

oleaut32

VariantCopy

msvcirt

?close@ofstream@@QAEXXZ

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

sentinelkeyw

SFNTGetLicense

hasp_windows_112851

ord8

advapi32

RegisterEventSourceA
DeregisterEventSource

Sections

.text
Size: 980KB - Virtual size: 978KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.merged
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cc26a027a1e0e222dc9c51d9ce4679c4

Headers

File Characteristics

Imports

toolkitpro1201vc60

mfc42

msvcrt

kernel32

user32

gdi32

shell32

comctl32

ole32

olepro32

oleaut32

msvcirt

msvcp60

sentinelkeyw

hasp_windows_112851

advapi32

Sections

.text Size: 980KB - Virtual size: 978KB

.rdata Size: 108KB - Virtual size: 105KB

.data Size: 152KB - Virtual size: 157KB

.idata Size: 32KB - Virtual size: 31KB

.rsrc Size: 3.2MB - Virtual size: 3.2MB

.reloc Size: 76KB - Virtual size: 73KB

.merged Size: 5.7MB - Virtual size: 5.7MB

.text
Size: 980KB - Virtual size: 978KB

.rdata
Size: 108KB - Virtual size: 105KB

.data
Size: 152KB - Virtual size: 157KB

.idata
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 3.2MB - Virtual size: 3.2MB

.reloc
Size: 76KB - Virtual size: 73KB

.merged
Size: 5.7MB - Virtual size: 5.7MB