0fb09869ac5008fba775818f080e7cacb112796de69e00789dc3f9f40ac3b890

Sharing

Copy URL

Twitter E-mail

General

Target

0fb09869ac5008fba775818f080e7cacb112796de69e00789dc3f9f40ac3b890
Size

2.4MB
MD5

cbade519b00529b4d946c5857d780320
SHA1

2e53b1d20dd14a10d885157746b7d9b30322701d
SHA256

0fb09869ac5008fba775818f080e7cacb112796de69e00789dc3f9f40ac3b890
SHA512

a257dbd261e3d9d3570b452449455c453bcd44ef0e78c6745bbdada9ee578218649ddc3d5dd9d87d68e208da91e83644a83d6818f8d3f31d974f79eded619983
SSDEEP

49152:C6UpswNL3baDAv+3vHxhR9VJFmw3WJUatH9yFcM+xtiTWylvPaenoUR5+Y02:C6DwtL2q+3ZP5F7WmOdyFcM+xkTWyNSj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fb09869ac5008fba775818f080e7cacb112796de69e00789dc3f9f40ac3b890

Files

0fb09869ac5008fba775818f080e7cacb112796de69e00789dc3f9f40ac3b890
.dll windows:5 windows x86

3d12375b70fee9d1c4b215bef84e279d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ioctlsocket

kernel32

OutputDebugStringA
GetModuleHandleW
GetProcAddress
GetModuleHandleA
LoadLibraryExA
SetCommBreak
AssignProcessToJobObject
InterlockedPushEntrySList
GetCommModemStatus
SetUserGeoID
CancelIo
InitializeCriticalSectionAndSpinCount
SetProcessWorkingSetSize
WaitForSingleObjectEx
GetProcessAffinityMask
GetExitCodeProcess
WaitForSingleObject
DeleteCriticalSection
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
VirtualAlloc
Process32FirstW
SetConsoleCursorInfo

setupapi

SetupDiDestroyDeviceInfoList

mprapi

MprConfigTransportGetInfo

advapi32

GetInheritanceSourceW
SetKernelObjectSecurity
LockServiceDatabase

msvcrt

putc
memset

gdi32

SetICMMode
SetColorSpace
CreateEllipticRgn
GetRgnBox
SetBitmapDimensionEx
SetViewportOrgEx
SetRectRgn

oleaut32

GetErrorInfo
SysAllocStringLen

lz32

LZCopy
LZSeek
LZInit

user32

EndDialog
UnhookWinEvent
EmptyClipboard
EndPaint
GetUpdateRgn
ShowWindow
GetMessageA
CharLowerBuffA
GetKeyboardType
AnyPopup
VkKeyScanW
GetKBCodePage
AttachThreadInput
IsChild
GetMenuItemCount

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d12375b70fee9d1c4b215bef84e279d

Headers

File Characteristics

Imports

ws2_32

kernel32

setupapi

mprapi

advapi32

msvcrt

gdi32

oleaut32

lz32

user32

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 176KB - Virtual size: 178KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 64KB - Virtual size: 60KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 176KB - Virtual size: 178KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 64KB - Virtual size: 60KB