0beec91724cb2c7dbaf48663f36e93a5

Sharing

Copy URL

Twitter E-mail

General

Target

0beec91724cb2c7dbaf48663f36e93a5
Size

176KB
MD5

0beec91724cb2c7dbaf48663f36e93a5
SHA1

670b901dd4160a46447c18634a85375afcb2685e
SHA256

e037ce3f826b96824cdbb3f8ea5948f1e5f73c49c6e27c8a48216a118e4951e2
SHA512

e8fdd298f0f337d607d6307019478f891f2aa0f67121d4f6bed4da247410d16d962c4a5f536a0a83e075ad64dd00db052e1f39e7e8ed39432e4ba3c726191768
SSDEEP

3072:xz9Zdj4IvwQqmwvUeOt+vvEOHUCHmfSmOUBISpIPW7ljOlyrvBG55NZ6NMCZ:n0yomwVBvvE+GfS/ExhljJvQt0MC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0beec91724cb2c7dbaf48663f36e93a5

Files

0beec91724cb2c7dbaf48663f36e93a5
.exe windows:5 windows x86 arch:x86

ab939e8c08218293c84a171a1dfc6a0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetScrollRange
SetMenuItemInfoW
WaitMessage
ShowCaret
GetScrollPos
GetKeyNameTextW
DefFrameProcW
GetCursorPos
GetShellWindow
DispatchMessageA
EndPaint
SendDlgItemMessageW
GetMessagePos
GetMenuItemCount
DestroyAcceleratorTable
RegisterClassW
FindWindowA
SendNotifyMessageW
keybd_event
ShowScrollBar
EnableWindow
SetForegroundWindow
DefWindowProcW
CharToOemBuffA
RedrawWindow
SetDlgItemInt
CreateWindowExA
AdjustWindowRect
SetCursor
DialogBoxIndirectParamA
TranslateMessage
LoadImageW
SetDlgItemTextA
SendInput
CharNextA
GetMenuItemInfoW
DrawTextW
GetScrollInfo
GetMessageExtraInfo
IsDialogMessageW
FrameRect
GetNextDlgGroupItem
GetSubMenu
ClipCursor
TabbedTextOutW
SetParent
FillRect
WindowFromPoint
SetTimer
GetWindowLongA
EnableScrollBar
SendMessageTimeoutW
EnumThreadWindows
ClientToScreen
IsCharAlphaW
GetSysColor
DrawStateA
DrawFrameControl
SetMenu
UnloadKeyboardLayout
IsWindow
GetWindowTextW
GetWindowLongW
OemToCharA
EndDialog
LookupIconIdFromDirectory
CreateIconIndirect
TranslateAcceleratorW
ChangeMenuW
SetRectEmpty
MessageBoxExW
CheckMenuRadioItem
MessageBoxExA
CreateDialogParamA
MessageBoxW
TrackPopupMenu
CheckRadioButton
InsertMenuW
SetWindowPos
ScrollWindowEx
MapVirtualKeyExW
ShowOwnedPopups
RegisterClassA
ToUnicodeEx
GetDC
CreateIconFromResource
IsZoomed
LoadImageA
CharPrevA
GetMenuCheckMarkDimensions
CopyAcceleratorTableW
DialogBoxIndirectParamW
RegisterClassExW
GetSystemMetrics
SetLastErrorEx
GetCaretPos
CallWindowProcA
DefDlgProcW
EqualRect
IsCharAlphaA
GetClassInfoExW
GetClassInfoA
SwitchToThisWindow
DialogBoxParamW
SetRect
ChildWindowFromPointEx
CheckDlgButton
DrawMenuBar
PostThreadMessageW
GetUserObjectInformationW
EnumChildWindows
GetClassLongW
InsertMenuItemW
GetDlgCtrlID
GetAsyncKeyState
SystemParametersInfoW
CreateCaret
OpenDesktopW
FindWindowExW
ScreenToClient
SetWindowTextA

msvcrt

fgetc
wcscspn
_controlfp
sprintf
isalnum
__set_app_type
fprintf
__p__fmode
free
memset
realloc
__p__commode
atoi
wcspbrk
_amsg_exit
setvbuf
wcstod
_initterm
strerror
_ismbblead
time
fgets
qsort
swscanf
_XcptFilter
wcstombs
strncpy
fputc
calloc
strrchr
strcoll
_exit
ftell
iswxdigit
malloc
wcsncmp
fputs
_cexit
__setusermatherr
__getmainargs
tolower
clearerr
putchar
isxdigit
putc
towlower
strtoul
strtol

kernel32

CancelIo
TlsFree
LocalReAlloc
FindFirstFileW
SetTimerQueueTimer
VirtualQuery
GetCommProperties
LocalFree
DeleteFileW
lstrcpyW
LocalLock
AddAtomW
FindFirstChangeNotificationW
GetModuleFileNameA
FindResourceW
CreateNamedPipeW
SetFileTime
SizeofResource
HeapFree
GetThreadLocale
GetFileAttributesExW
GetLocaleInfoA
GlobalAlloc
IsBadWritePtr
GetVersionExW
HeapAlloc
lstrcatW
GetModuleHandleW
GetFileAttributesW
EnumSystemLocalesA
MapViewOfFile
InitializeCriticalSection
CreateFileMappingA
CreateMailslotW
GetStartupInfoW
GetLocaleInfoW
IsDBCSLeadByte
ResumeThread
VerifyVersionInfoW
OpenEventA
GetProcessHeap
GetThreadContext
lstrcatA
SetThreadContext
GetNumberFormatA
TerminateThread
OpenFileMappingW
UnhandledExceptionFilter
GetVersion
SetCommTimeouts
SleepEx
WriteFile
UnlockFile
GlobalAddAtomW
lstrcpyA
EscapeCommFunction
CopyFileA
CreateSemaphoreW

shlwapi

PathIsUNCW

Exports

Exports

?CalculateStringCapacity@@YGKDDPAX:O

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.align
Size: 1KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.date
Size: 512B - Virtual size: 99B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dati
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.char
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab939e8c08218293c84a171a1dfc6a0f

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.align Size: 1KB - Virtual size: 184KB

.date Size: 512B - Virtual size: 99B

.dati Size: 6KB - Virtual size: 5KB

.char Size: 512B - Virtual size: 494B

.odata Size: 14KB - Virtual size: 13KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 139KB - Virtual size: 139KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.align
Size: 1KB - Virtual size: 184KB

.date
Size: 512B - Virtual size: 99B

.dati
Size: 6KB - Virtual size: 5KB

.char
Size: 512B - Virtual size: 494B

.odata
Size: 14KB - Virtual size: 13KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 139KB - Virtual size: 139KB

.reloc
Size: 2KB - Virtual size: 1KB