0f5808113f49dd058802402b47be0559

Sharing

Copy URL

Twitter E-mail

General

Target

0f5808113f49dd058802402b47be0559
Size

156KB
MD5

0f5808113f49dd058802402b47be0559
SHA1

e8b5e7a72c2123fd0c24e55104f96499c2c67891
SHA256

bd2dddfb7f978b8fdf099bbc3e741952507ac644fe77b3af02398304bc432041
SHA512

dcc51eceef022dca1f4786410a29efb4c078bf1b23ced23292e53799237bbc61763d6ef4a9185238dc7cf2ee22e03d55b9e252b956665ce24d77dc2e2206bef8
SSDEEP

3072:Qj07dyzEE/QhD7sJ99MewJ+w7qTN2Dxe/MFa0lPZ6PepHo7:gywzEsQhUv9MVUw7wNlu2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f5808113f49dd058802402b47be0559

Files

0f5808113f49dd058802402b47be0559
.exe windows:4 windows x86 arch:x86

044cf49fccab115c8d4cad3cadbd4b19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memmove
asin
tolower
wcschr
strlen
strcmp
memset
calloc
atol
cos
acos
tan
wcstol
sprintf
memmove

kernel32

CreateThread
ExitThread
LocalAlloc
GetOEMCP
GetModuleHandleW
IsBadReadPtr
GetLastError
LoadLibraryA
ExitThread
lstrlenA
GetCommandLineA
GetCommandLineW
LoadLibraryExA
IsBadHugeReadPtr
GetProcAddress
GetModuleHandleA
VirtualAlloc
ExitProcess

shell32

SHGetFileInfoA
SHGetFolderPathA
DragQueryFileA
SHGetDiskFreeSpaceA
SHFileOperationA
SHGetFileInfoA

advapi32

RegQueryValueA
RegQueryValueExA
RegEnumValueA
GetLengthSid
RegQueryValueA
RegQueryInfoKeyA
RegQueryValueExA

oleaut32

SysReAllocStringLen
SysFreeString
SafeArrayPtrOfIndex
OleLoadPicture
RegisterTypeLib
SysStringLen
VariantCopyInd
VariantChangeType
SafeArrayGetUBound
SafeArrayCreate
GetErrorInfo
SysAllocStringLen
SafeArrayCreate
SafeArrayPtrOfIndex
SysReAllocStringLen
VariantChangeType
VariantCopyInd
SafeArrayGetElement

comctl32

ImageList_Destroy
ImageList_Add
ImageList_Create
ImageList_Draw
ImageList_DrawEx
ImageList_GetBkColor
ImageList_Read
ImageList_Write
ImageList_DragShowNolock
ImageList_Create
ImageList_Write
ImageList_Add
ImageList_GetBkColor
ImageList_Read
ImageList_Write
ImageList_DragShowNolock
ImageList_Read
ImageList_Destroy
ImageList_Create
ImageList_Add
ImageList_Draw
ImageList_DrawEx
ImageList_GetBkColor
ImageList_Remove

shlwapi

SHSetValueA
PathIsDirectoryA
SHDeleteKeyA
PathGetCharTypeA
PathIsContentTypeA
SHEnumValueA
SHSetValueA
SHQueryInfoKeyA

gdi32

RestoreDC
CreateBitmap
BitBlt
GetObjectA
GetDIBits
CreateDIBitmap
SelectPalette
SaveDC
SetBkColor
SelectObject
GetPixel

ole32

CreateBindCtx
OleRegGetUserType
MkParseDisplayName
CoGetContextToken
CreateStreamOnHGlobal
StringFromIID
OleRun
CoRegisterClassObject
StgCreateDocfileOnILockBytes
CoUnmarshalInterface
CreateStreamOnHGlobal
StringFromIID
StgOpenStorage
CoGetContextToken

version

VerFindFileA
GetFileVersionInfoA
VerInstallFileA

comdlg32

FindTextA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

user32

CharLowerBuffA
OffsetRect
BeginPaint
GetWindowLongW
GetMenuItemInfoA
GetParent
GetMenuState
GetMenu
GetKeyboardLayoutList
GetKeyboardState
GetSysColorBrush
GetPropA
GetWindowLongA
GetMenuStringA
GetSubMenu
GetScrollRange
GetMenuItemCount
GetKeyboardLayoutNameA
GetWindow
GetSystemMenu
GetScrollPos
GetTopWindow
GetSysColor
GetKeyNameTextA
GetScrollInfo
GetKeyboardLayout
GetLastActivePopup
GetIconInfo
GetMessagePos
GetWindowDC
GetMenuItemID
GetKeyState
GetKeyboardType

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

044cf49fccab115c8d4cad3cadbd4b19

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

advapi32

oleaut32

comctl32

shlwapi

gdi32

ole32

version

comdlg32

user32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 4KB - Virtual size: 568B

.data Size: 4KB - Virtual size: 1KB

DATA Size: 8KB - Virtual size: 5KB

.hdata Size: 8KB - Virtual size: 6KB

.gdata Size: 8KB - Virtual size: 5KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 4KB - Virtual size: 568B

.data
Size: 4KB - Virtual size: 1KB

DATA
Size: 8KB - Virtual size: 5KB

.hdata
Size: 8KB - Virtual size: 6KB

.gdata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 12KB - Virtual size: 8KB