00b049739c496cc832063f8a7b2f8cb0

Sharing

Copy URL

Twitter E-mail

General

Target

00b049739c496cc832063f8a7b2f8cb0
Size

160KB
MD5

00b049739c496cc832063f8a7b2f8cb0
SHA1

890af1b423c739aed6d5c54d0194d5dee511d286
SHA256

e53ba1c5205e628e155afb2e3057065271a60264226641f62ec361e1ff5a8bff
SHA512

95db9a9f79f13d827b8f9544571f0bc06830422209b29f4d8a153c87566cf68f40e3826185bc95c05b56a481a5f87a0c4b9258af231389f0f846e170a5f216aa
SSDEEP

3072:fLF4rN3RftkVFatQkJSWvkcGK3Euy/3oQibJlY:fiDZcZ5HjibU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00b049739c496cc832063f8a7b2f8cb0

Files

00b049739c496cc832063f8a7b2f8cb0
.exe windows:4 windows x86 arch:x86

93768ee9faba4ab9454e1634b6a2530e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
WaitForSingleObject
CreateThread
HeapAlloc
GetSystemInfo
HeapCreate
ExitProcess
InitializeCriticalSection
HeapDestroy
CreateMutexA
GetCurrentThreadId
GetLastError
FlushInstructionCache
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryA
GetShortPathNameA
OutputDebugStringA
GetThreadLocale
GetPrivateProfileSectionA
DeleteCriticalSection
GetStringTypeExA
EnterCriticalSection
TerminateThread
LeaveCriticalSection
DebugBreak
GetTempPathA
GetPrivateProfileStringA
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
GetTickCount
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapFree
GetVersionExA
GetSystemDirectoryA
GetModuleFileNameA
WritePrivateProfileStringA
lstrcpynA
SystemTimeToFileTime
WinExec
GetFileTime
DeleteFileA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
RtlUnwind
CopyFileA
GetFileSize
WriteFile
ReadFile
CloseHandle
CreateFileA
GetPrivateProfileIntA
InterlockedIncrement
GetSystemDefaultLangID
lstrcpyA
lstrcatA
lstrlenA
lstrcmpiA
SetFileTime
FindClose
lstrcmpA
InterlockedDecrement
GetSystemTime
CreateDirectoryA

user32

GetSystemMetrics
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindow
LoadImageA
SetClassLongA
KillTimer
EndPaint
DrawIconEx
DrawTextA
ReleaseDC
GetDC
BeginPaint
PostThreadMessageA
PostQuitMessage
SendMessageTimeoutA
BringWindowToTop
CharUpperA
DialogBoxParamA
EndDialog
UpdateWindow
GetWindowTextA
MoveWindow
CreateWindowExA
RegisterClassExA
GetClassInfoExA
SetTimer
SetFocus
SetWindowTextA
LoadIconA
PostMessageA
GetDlgItem
GetParent
GetWindowLongA
GetCapture
InvalidateRect
SetCapture
GetWindowRect
ClientToScreen
PtInRect
ReleaseCapture
LoadCursorA
SetCursor
CallWindowProcA
RemovePropA
CharLowerA
SendMessageA
SetWindowLongA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
DestroyWindow
CreateDialogParamA
ShowWindow
wvsprintfA
wsprintfA
CharNextA
LoadStringA
IsDialogMessageA
GetPropA
SetPropA

gdi32

GetTextExtentPoint32A
GetDeviceCaps
DPtoLP
DeleteDC
GetObjectA
CreateFontIndirectA
DeleteObject
SetTextColor
StretchBlt
CreateCompatibleDC
SetBkMode
SelectObject

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA

ole32

OleInitialize
OleUninitialize
CoInitialize
CoUninitialize

ws2_32

inet_ntoa
gethostbyname
recv
send
htons
connect
setsockopt
closesocket
socket
WSAStartup
inet_addr
getprotobyname
WSACleanup

shlwapi

StrStrIA
StrToIntA

shell32

ShellExecuteA

setupapi

SetupIterateCabinetA

wininet

InternetCrackUrlA

comctl32

InitCommonControlsEx

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93768ee9faba4ab9454e1634b6a2530e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

ws2_32

shlwapi

shell32

setupapi

wininet

comctl32

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 20KB - Virtual size: 17KB