0fb81c50d83aaf12624503eb27db60a0e752f3bb0335b9b6bbcc85a03be2b939

Sharing

Copy URL Twitter E-mail

General

Target

0fb81c50d83aaf12624503eb27db60a0e752f3bb0335b9b6bbcc85a03be2b939
Size

422KB
MD5

6bc1a5a28ed94cfd4fd0069732446229
SHA1

0fb9438fd10d5356e4506f5884eef1075eea4e73
SHA256

0fb81c50d83aaf12624503eb27db60a0e752f3bb0335b9b6bbcc85a03be2b939
SHA512

35e7b6fb8b35b393a0c71a9de17e9d3d70d83376083c4aba5a627f1a31810358f2ac8ff6e27787c6a1f389fd7818398ad6203e1bb64df992e0c78acb783896e6
SSDEEP

6144:0u1i1mcXJh0xaw9idGEzlERpbx7xUp0ydBCqeuahgdN99Hbn:0D1rf0idGEzlExGzdReuah

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fb81c50d83aaf12624503eb27db60a0e752f3bb0335b9b6bbcc85a03be2b939

Files

0fb81c50d83aaf12624503eb27db60a0e752f3bb0335b9b6bbcc85a03be2b939
.exe windows:6 windows x86

426a05c2b191cc8085e471804506d4ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

if_nametoindex
GetAdaptersInfo
GetAdaptersAddresses

ws2_32

__WSAFDIsSet
accept
send
WSAAddressToStringW
bind
closesocket
connect
getsockname
listen
recv
recvfrom
setsockopt
getnameinfo
freeaddrinfo
getaddrinfo
WSASetServiceW
WSAStringToAddressW
shutdown
WSAGetLastError
WSACleanup
WSAStartup
socket
select

pdh

PdhCollectQueryData
PdhCloseQuery
PdhGetFormattedCounterValue
PdhValidatePathW
PdhRemoveCounter
PdhAddCounterW
PdhOpenQueryW

comctl32

InitCommonControlsEx

faultrep

ReportFault

dbghelp

MiniDumpWriteDump

kernel32

FlushFileBuffers
SetConsoleCtrlHandler
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
OutputDebugStringW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
ReadConsoleW
HeapSize
GetTempPathW
GetFileType
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
CreateFileW
SetUnhandledExceptionFilter
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
HeapAlloc
GetProcessHeap
InitializeCriticalSection
EnterCriticalSection
HeapReAlloc
CreateMutexW
Sleep
GetCurrentProcess
GetCurrentProcessId
CreateThread
GetCurrentThreadId
ExitThread
GetLocalTime
GetVersionExW
FreeLibrary
GetModuleFileNameW
GetProcAddress
LoadLibraryW
GetComputerNameW
HeapFree
GetModuleHandleW
LocalFree
FormatMessageW
LeaveCriticalSection
GetDateFormatW
GetTimeFormatW
GetCurrentThread
ExitProcess
WriteFile
GetStdHandle
CreateDirectoryW
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
CloseHandle
LoadLibraryExW
TlsFree
TlsSetValue
DecodePointer
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RaiseException
RtlUnwind
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
SetEndOfFile
WriteConsoleW
ReadFile
DeleteCriticalSection
TerminateProcess
UnhandledExceptionFilter

user32

IsDialogMessageW
LoadIconW
GetParent
GetDesktopWindow
SetClassLongW
MessageBoxW
GetWindowRect
SetWindowTextW
EnableWindow
KillTimer
SetTimer
GetDlgItem
SetDlgItemInt
EndDialog
DialogBoxParamW
CreateDialogParamW
SetWindowPos
ShowWindow
DestroyWindow
PostQuitMessage
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetDlgItemTextW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyW

shell32

CommandLineToArgvW

Sections

.text
Size: 347KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

426a05c2b191cc8085e471804506d4ec

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

ws2_32

pdh

comctl32

faultrep

dbghelp

kernel32

user32

advapi32

shell32

Sections

.text Size: 347KB - Virtual size: 346KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 3KB - Virtual size: 91KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 347KB - Virtual size: 346KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 3KB - Virtual size: 91KB

.rsrc
Size: 11KB - Virtual size: 11KB