0b738bd3d19fa26ae5afbdb4e85c1ead

Sharing

Copy URL Twitter E-mail

General

Target

0b738bd3d19fa26ae5afbdb4e85c1ead
Size

4.4MB
MD5

0b738bd3d19fa26ae5afbdb4e85c1ead
SHA1

bbedd006cac2f7d66bf375fb54c3b072b99a05c1
SHA256

b965a39f0f368f6dd0039ac1b864cd439b1e0e35fa7a37a1c03ecbc0c5ac7bc2
SHA512

9724aba4f61dce5533b83949e9226394d745db3099a001563939c133cea91859075e0d4dbd696a40ac5d3bac9d8060479d9d43a74ead046ff5a94b08da438370
SSDEEP

98304:2iCTsovboUYsvff5HVJffIZOA7ouNT/qDqc8uhMNeO8wQ/hfUXXKePU:2iCWS/3tO7NRePhM4d/hs0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b738bd3d19fa26ae5afbdb4e85c1ead

Files

0b738bd3d19fa26ae5afbdb4e85c1ead
.exe windows:4 windows x86 arch:x86

f7f58822aaf08b0aca6731ed2085c5ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetOEMCP
GetACP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
UnhandledExceptionFilter
SetHandleCount
GetEnvironmentStringsW
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetDriveTypeA
LCMapStringA
GetStdHandle
GetCPInfo
LocalAlloc
HeapSize
GetFullPathNameA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
HeapReAlloc
RaiseException
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
SizeofResource
GetVersionExA
GlobalGetAtomNameA
GlobalAddAtomA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProcessVersion
FindResourceA
LoadResource
GetVersion
lstrcatA
GetCurrentDirectoryA
WritePrivateProfileStringA
GlobalFlags
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
FindNextFileA
FindFirstFileA
LocalFree
GetStringTypeW
lstrcpynA
GetProcAddress
FindClose
SetLastError
GetVolumeInformationA
lstrcpyA
LoadLibraryA
FreeLibrary
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetUnhandledExceptionFilter
LCMapStringW
GetStringTypeA
lstrcmpiA
GetModuleHandleA
DeleteFileA
WaitForSingleObject
CreateProcessA
GetTempPathA
GetModuleFileNameA
GetLastError
GetCurrentThreadId
GetCurrentThread
GetProfileStringA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
CloseHandle

user32

CopyRect
BeginDeferWindowPos
GetClientRect
DeferWindowPos
EqualRect
EndDeferWindowPos
AdjustWindowRectEx
IsWindow
SetActiveWindow
GetSysColor
MapWindowPoints
SystemParametersInfoA
UpdateWindow
LoadIconA
GetSysColorBrush
LoadStringA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
DestroyMenu
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
IsIconic
BringWindowToTop
EndDialog
FindWindowA
OffsetRect
IntersectRect
InflateRect
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SetFocus
IsWindowEnabled
ShowWindow
SetWindowPos
SetWindowLongA
GetWindowTextLengthA
DrawTextA
SetForegroundWindow
EndPaint
BeginPaint
GetDC
SetScrollInfo
ScrollWindow
GetWindowTextA
SetWindowTextA
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
ScreenToClient
ClientToScreen
GetWindowLongA
WindowFromPoint
GetDesktopWindow
ReleaseCapture
LoadCursorA
GetCapture
GetLastActivePopup
GetSystemMetrics
CharUpperA
wsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
MessageBoxA
EnableWindow
SetCursor
ShowOwnedPopups
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetSubMenu
GetMenuItemID
GetMenu
DefWindowProcA
DestroyWindow
CreateWindowExA
SetPropA
GetForegroundWindow
GetMenuItemCount
ShowScrollBar
UnhookWindowsHookEx
GrayStringA
TabbedTextOutA
SendMessageA
PostQuitMessage
PostMessageA
GetDlgItem
ReleaseDC
GetWindowDC
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
CharNextA
UnregisterClassA
DrawFocusRect
ShowCaret
HideCaret

gdi32

DeleteObject
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
CreateBitmap
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
DeleteDC
IntersectClipRect
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
PatBlt
GetTextExtentPointA
CreateDIBitmap
CreateCompatibleDC
BitBlt
ScaleViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
CryptEncrypt
RegCloseKey
RegQueryValueExA
CryptAcquireContextA
CryptDestroyHash
CryptDestroyKey
CryptReleaseContext
CryptCreateHash
CryptHashData
CryptDeriveKey

shell32

DragFinish
DragQueryFileA

comctl32

ImageList_Destroy
ord17

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7f58822aaf08b0aca6731ed2085c5ea

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 15KB - Virtual size: 31KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 15KB - Virtual size: 31KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 8KB - Virtual size: 7KB