multivob[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

multivob.exe
Size

37KB
MD5

6fbec63fa766eda1490d1ac039ddf5d8
SHA1

07bb6f80ac4b0445ec8586baef596b916cc76cf2
SHA256

5055bd8d8420bd8222b5089ea9855c0902059ed79260f39d091c1b3204ee37fa
SHA512

5821df08a6026fff3e3d93722e4f185913d10cac11041f6088254a3537968dc4f9aa59d0e51c6d7cb6339f8859426474f766f9206e00e0185aa1beb5353ed53b
SSDEEP

768:qOj3KU5C57L8MJZu+zP0hQYMZO9/vqVM6ZgJRnS:HDi3ZuzhHMwnY7V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
multivob.exe

Files

multivob.exe
.exe windows:4 windows x86

c15cc739cfab1a5796824293ce7d8b5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

SetFileTime
CompareFileTime
GetFileAttributesA
lstrcatA
CreateDirectoryA
SetFileAttributesA
Sleep
ReadFile
SetFilePointer
CopyFileA
lstrcmpiA
ExitProcess
GetFileSize
GetModuleFileNameA
GetModuleHandleA
lstrcpynA
GetCommandLineA
GetTempPathA
CloseHandle
GetVersion
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
GetUserDefaultLangID
CreateProcessA
CreateFileA
lstrcpyA
lstrlenA
GetWindowsDirectoryA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindFirstFileA
MulDiv
WriteFile
GlobalFree
DeleteFileA
FindNextFileA
SetCurrentDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount

user32

OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetMessagePos
SetFocus
GetSystemMetrics
GetClientRect
GetDlgItem
IsWindowEnabled
EndDialog
SetWindowPos
ScreenToClient
GetWindowRect
SetClassLongA
DialogBoxParamA
LoadImageA
MessageBoxA
EmptyClipboard
SetClipboardData
CloseClipboard
CharPrevA
EnableWindow
GetDesktopWindow
CreateDialogParamA
DestroyWindow
DispatchMessageA
PeekMessageA
SetTimer
PostQuitMessage
ShowWindow
SetForegroundWindow
wsprintfA
SendMessageA
CharNextA

gdi32

DeleteObject

advapi32

RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegEnumValueA
RegQueryValueExA
RegSetValueExA

shell32

SHBrowseForFolderA
SHFileOperationA
SHGetPathFromIDListA
SHGetMalloc

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c15cc739cfab1a5796824293ce7d8b5d

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 98KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 98KB

.rsrc
Size: 2KB - Virtual size: 4KB