0b7bc06c621fc517fa9401e544e4b5df

Sharing

Copy URL Twitter E-mail

General

Target

0b7bc06c621fc517fa9401e544e4b5df
Size

160KB
MD5

0b7bc06c621fc517fa9401e544e4b5df
SHA1

7fb6a8d51cdfabf46c77a637a435caff3bfb4944
SHA256

e2cf5c94dae759cadf490154caea9d9dbf9ba681262293075be557a9848d1830
SHA512

178fb81b31d3da075c9ea2e0f464d3f08647bd26ea901698d2d9fa2ec59518e1e9cb459f051009288638b95220c144c613182103a2d9e62348f4dc6bba820ef7
SSDEEP

3072:zP0y6mm0fIlmDETAPyeVHR7q/bblECjbGPlovbrPInEzN:romeGyGHF0EeiKvb5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b7bc06c621fc517fa9401e544e4b5df

Files

0b7bc06c621fc517fa9401e544e4b5df
.exe windows:4 windows x86 arch:x86

cf91d45834cb73b43cfb1ad18082c569

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetFullPathNameA
GetCPInfo
GetOEMCP
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
RaiseException
GetTimeZoneInformation
GetACP
HeapReAlloc
HeapSize
SetFilePointer
WriteFile
GetCurrentProcess
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
DeviceIoControl
CloseHandle
GlobalAlloc
GlobalFree
GetPrivateProfileStringA
CreateProcessA
GetLogicalDriveStringsA
GetDriveTypeA
SetErrorMode
GetProcessVersion
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GetCurrentDirectoryA
lstrcatA
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalUnlock
TlsAlloc
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
EnterCriticalSection
LCMapStringW
InitializeCriticalSection
FreeLibrary
LoadLibraryA
LeaveCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
GetLastError
lstrcmpA
GlobalLock
GlobalDeleteAtom
GetCurrentThreadId
lstrcmpiA
GetCurrentThread
FindFirstFileA
FindNextFileA
lstrcpyA
MultiByteToWideChar
SetLastError
FindClose
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
GetVersionExA
FormatMessageA
LocalFree
lstrlenA
GetModuleFileNameA
lstrcpynA
FreeEnvironmentStringsA
WriteProfileStringA
FreeEnvironmentStringsW
LCMapStringA
GetProcAddress

user32

IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetTopWindow
GetSystemMetrics
GetWindowPlacement
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
GetSysColorBrush
DestroyMenu
SetWindowLongA
SetWindowPos
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
GetWindowTextA
SetWindowTextA
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
ClientToScreen
LoadCursorA
GetCapture
LoadStringA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SetFocus
ShowWindow
SendMessageA
PostQuitMessage
PostMessageA
wsprintfA
SendNotifyMessageA
GetClassNameA
UnregisterClassA

gdi32

DeleteObject
SaveDC
RestoreDC
GetStockObject
SelectObject
SetBkColor
SetTextColor
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
CreateBitmap
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
DeleteDC

winspool.drv

ord201
EnumPrintersA
DocumentPropertiesA
GetPrinterA
OpenPrinterA
DeletePrinter
ClosePrinter
SetPrinterA

advapi32

RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

comctl32

ord17

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf91d45834cb73b43cfb1ad18082c569

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 24KB - Virtual size: 30KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 24KB - Virtual size: 30KB