0a63ed0d87f1f91afed55de416183b6b

Sharing

Copy URL Twitter E-mail

General

Target

0a63ed0d87f1f91afed55de416183b6b
Size

338KB
MD5

0a63ed0d87f1f91afed55de416183b6b
SHA1

57168a79a2d26182d84e277946ab8c16474543f2
SHA256

65fb8672e472b7529d304fe34147935385f9dfd788664cb0b18ccb651bfdb99d
SHA512

528cd93cb2488629a202a435fe4f973941149c16cc627e1e1d6fe772a481a5f4b82b110b99b229c3678e3d52f0951553d7b07610a18eb9632ef72c96edf2943c
SSDEEP

6144:WalG72kmdCd0MRRdAWXEoZKhQePDB7Ky5ZXl534+BGnY5Qrnt:hlt160MRc2mhfFOybn3BBu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a63ed0d87f1f91afed55de416183b6b

Files

0a63ed0d87f1f91afed55de416183b6b
.exe windows:4 windows x86 arch:x86

09ee18ce55c44c341e17a9140be61ead

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetErrorDlg
HttpAddRequestHeadersW

ws2_32

WSAStartup
WSACleanup

comdlg32

ChooseColorW
CommDlgExtendedError
GetFileTitleW
GetOpenFileNameW
PrintDlgW
GetSaveFileNameW

msvfw32

ICCompressorFree
ICCompressorChoose

gdi32

PolyBezierTo
StartDocW
SetWinMetaFileBits
SetTextColor
SetTextAlign
SetStretchBltMode
SetRectRgn
SetPolyFillMode
SetPixelV
UnrealizeObject
TranslateCharsetInfo
TextOutW
StrokePath
StretchDIBits
StretchBlt
BeginPath
BitBlt
CloseEnhMetaFile
CloseFigure
CloseMetaFile
CombineRgn
CreateBitmap
CreateBitmapIndirect
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBPatternBrushPt
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateHatchBrush
CreateMetaFileW
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DPtoLP
DeleteDC
DeleteEnhMetaFile
DeleteMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EndPath
EnumEnhMetaFile
EnumFontFamiliesExW
EnumFontFamiliesW
Escape
ExtCreatePen
ExtTextOutW
FillPath
FillRgn
FrameRgn
GdiFlush
GetBitmapBits
GetBkColor
GetBkMode
GetCharWidthW
GetClipBox
GetClipRgn
GetCurrentObject
GetDIBits
GetDeviceCaps
GetEnhMetaFileHeader
GetEnhMetaFileW
GetFontData
GetGlyphOutlineW
GetKerningPairsW
GetMapMode
GetMetaFileBitsEx
GetNearestColor
GetNearestPaletteIndex
GetObjectW
GetOutlineTextMetricsW
GetPaletteEntries
GetPath
GetPixel
GetPolyFillMode
GetStockObject
GetSystemPaletteEntries
GetTextAlign
GetTextCharset
GetTextColor
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextMetricsW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
GetWorldTransform
IntersectClipRect
LPtoDP
LineTo
MaskBlt
ModifyWorldTransform
MoveToEx
OffsetRgn
PaintRgn
PatBlt
PlayEnhMetaFileRecord
SetPixel
PolyPolygon
Polygon
Polyline
PolylineTo
PtVisible
RealizePalette
RectVisible
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetBitmapBits
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBits
SetDIBitsToDevice
SetMapMode
StartPage

winmm

timeBeginPeriod
mmioAscend
mmioClose
mmioCreateChunk
mmioDescend
mmioOpenA
mmioOpenW
mmioRead
mmioWrite
waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutPrepareHeader
waveOutOpen
waveOutGetDevCapsW
waveOutClose
timeSetEvent
timeKillEvent
timeGetTime
timeGetDevCaps
timeEndPeriod

oleaut32

SysAllocString
VariantClear
SysFreeString

shell32

SHChangeNotify
SHBrowseForFolderW
SHCreateDirectoryExW
DragFinish
DragAcceptFiles
CommandLineToArgvW
SHGetDesktopFolder
SHGetFolderPathW
SHGetSpecialFolderPathA
SHGetMalloc
ShellExecuteA
ShellExecuteW
DragQueryFileW

shlwapi

PathFileExistsW
SHDeleteKeyW

ole32

CoTaskMemAlloc
StgIsStorageFile
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
OleDraw
ReleaseStgMedium
StgCreateDocfile
CoTaskMemFree
StgOpenStorage
CoUninitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

imm32

ImmGetCompositionStringW
ImmGetContext
ImmGetVirtualKey
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionFontW
ImmSetCompositionWindow

kernel32

GetVersionExW
GlobalFree
GlobalHandle
TerminateProcess
TlsGetValue
VirtualAlloc
VirtualFree
SystemTimeToFileTime
SizeofResource
SetThreadPriority
SetLastError
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
RemoveDirectoryW
ReleaseSemaphore
ReleaseMutex
RaiseException
QueryPerformanceFrequency
OutputDebugStringW
OutputDebugStringA
OpenProcess
OpenEventW
MultiByteToWideChar
MulDiv
GetVersionExA
GetVersion
GetTimeFormatW
GetTickCount
GetThreadPriority
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryA
GetSystemDefaultLangID
GetStdHandle
GetStartupInfoW
GetProfileStringW
GetProcessHeap
GetProcAddress
GetModuleHandleW
GetModuleHandleA
MoveFileW
MapViewOfFile
LockResource
LocalFree
LocalFileTimeToFileTime
LoadResource
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
IsDBCSLeadByte
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
WideCharToMultiByte
WriteFile
_llseek
_lread
lstrcmpW
lstrcmpiW
lstrcpyW
lstrlenW
CloseHandle
CompareFileTime
CompareStringW
CopyFileW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateMailslotA
CreateMutexA
CreateProcessW
CreateSemaphoreW
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FatalAppExitA
FileTimeToDosDateTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeLibrary
GetACP
GetCommandLineW
GetComputerNameExA
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDrives
GetMailslotInfo
GetModuleFileNameA
GetModuleFileNameW
GlobalLock

Sections

.text
Size: 228KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09ee18ce55c44c341e17a9140be61ead

Headers

File Characteristics

Imports

wininet

ws2_32

comdlg32

msvfw32

gdi32

winmm

oleaut32

shell32

shlwapi

ole32

version

imm32

kernel32

Sections

.text Size: 228KB - Virtual size: 232KB

.rdata Size: 58KB - Virtual size: 60KB

.data Size: 16KB - Virtual size: 64KB

.idata Size: 9KB - Virtual size: 12KB

.rsrc Size: 25KB - Virtual size: 28KB

.text
Size: 228KB - Virtual size: 232KB

.rdata
Size: 58KB - Virtual size: 60KB

.data
Size: 16KB - Virtual size: 64KB

.idata
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 25KB - Virtual size: 28KB