0fce02df6ecf157795e9d7ad136e8df8

Sharing

Copy URL Twitter E-mail

General

Target

0fce02df6ecf157795e9d7ad136e8df8
Size

721KB
MD5

0fce02df6ecf157795e9d7ad136e8df8
SHA1

987e5472524bceea07f6baab7b71c4af44ae427a
SHA256

56c4aa7c7031d0837e32881516e05f30c57b9da7cd6f63bb9f358a6ac6c32c0b
SHA512

e7fd1651b07e9b4c47cca7b88a968cb8f750847a5e6317fe0c02fd8fd1170ce8957764870541c143e6ac0af0553c02f8eb27a078517e682e374a847bfd6d9de9
SSDEEP

12288:Vw1V5Zdeiqu2z18omje/c8dnShXwiy2RQElnYycc:S1V5nBquc89Wc/XwiB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fce02df6ecf157795e9d7ad136e8df8

Files

0fce02df6ecf157795e9d7ad136e8df8
.exe windows:4 windows x86 arch:x86

bd9d9b4b0e536cd943ae5d582f7ffa2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
SetFileTime
LeaveCriticalSection
EnterCriticalSection
SetErrorMode
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GlobalHandle
GetOEMCP
WritePrivateProfileStringA
FileTimeToSystemTime
RtlUnwind
HeapFree
HeapAlloc
RaiseException
TerminateProcess
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
LocalFileTimeToFileTime
HeapDestroy
VirtualFree
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalFree
GetTempPathA
FindResourceA
SizeofResource
LoadResource
LockResource
GetTempFileNameA
_lcreat
_lwrite
_lclose
DeleteFileA
GlobalSize
GlobalLock
GlobalAlloc
GetCurrentThread
GetVolumeInformationA
GetFullPathNameA
lstrcpynA
UnlockFile
MoveFileA
SetEndOfFile
GetCurrentProcess
LockFile
FlushFileBuffers
GetVersion
DuplicateHandle
GetLastError
lstrcmpiA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
WideCharToMultiByte
lstrcmpA
MultiByteToWideChar
InterlockedIncrement
lstrlenA
InterlockedDecrement
GetStartupInfoA
SetLastError
GetCommandLineA
Sleep
ExitProcess
GetModuleHandleA
VirtualAlloc
CreateThread
GlobalUnlock
UnhandledExceptionFilter
GetWindowsDirectoryA
WaitForSingleObject
CreateMutexA
SetThreadPriority
LoadLibraryA
ReleaseMutex
TerminateThread
GetTickCount
GetProcAddress
FreeLibrary
GetFileSize
GetModuleFileNameA
GetUserDefaultLangID
lstrcpyA
lstrcatA
_lread
MulDiv
GlobalReAlloc
_llseek
OpenFile
LocalFree
LocalAlloc
SystemTimeToFileTime
FileTimeToLocalFileTime
GetFileAttributesA
CloseHandle
GetVersionExA
ReadFile
SetFilePointer
WriteFile
GetDiskFreeSpaceA
CreateFileA
FindClose
FindFirstFileA
IsBadWritePtr
SetFileAttributesA
FreeEnvironmentStringsA
HeapCreate

user32

GetClassNameA
AdjustWindowRectEx
SetFocus
GetFocus
GetSysColor
MapWindowPoints
IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
CharUpperA
LoadStringA
ValidateRect
GetSysColorBrush
DestroyMenu
GetTopWindow
GetCapture
WinHelpA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetActiveWindow
UnhookWindowsHookEx
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindow
IsWindowVisible
GetWindowPlacement
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
CharNextA
DialogBoxParamA
LoadIconA
GetSystemMetrics
FindWindowA
SetForegroundWindow
RegisterWindowMessageA
RegisterClassA
CreateWindowExA
GetMessageA
PostQuitMessage
GetParent
SystemParametersInfoA
GetForegroundWindow
CopyIcon
MessageBeep
GetDlgItem
EndDialog
SetWindowTextA
SetTimer
LoadBitmapA
KillTimer
GetDialogBaseUnits
UnionRect
SetWindowPos
InvalidateRect
InflateRect
DrawTextA
MessageBoxA
IsRectEmpty
ClientToScreen
GetClassInfoA
DefWindowProcA
LoadCursorA
GetDesktopWindow
FrameRect
GetWindowRect
wsprintfA
FillRect
PeekMessageA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
CopyRect
EnableWindow
GetCursorPos
GetClientRect
GetWindowLongA
SetWindowLongA
GetPropA
IsIconic
SendMessageA
ShowWindow
MoveWindow
PostMessageA
CallWindowProcA
UpdateWindow
SetRectEmpty
SetCursor
PtInRect
OffsetRect
DestroyWindow
IntersectRect
ScreenToClient
GetWindowTextA
IsWindow

gdi32

SetBkColor
SelectObject
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
CreateBitmap
CreatePatternBrush
GetDeviceCaps
RealizePalette
GetObjectA
GetPaletteEntries
StretchDIBits
SelectPalette
SetDIBitsToDevice
SetStretchBltMode
CreateDCA
GetStockObject
GetSystemPaletteEntries
GetDIBits
ResizePalette
SetSystemPaletteUse
SetPaletteEntries
Rectangle
CreatePen
RectVisible
PatBlt
CreateFontIndirectA
CreateFontA
SaveDC
RestoreDC
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
MoveToEx
LineTo
SetBkMode
DeleteDC
CreateSolidBrush
PtVisible
TextOutA
Escape
ExtTextOutA
DeleteObject
CreatePalette
GetClipBox
SetTextColor

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
SetFileSecurityA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
GetFileSecurityA

shell32

ShellExecuteA

comctl32

ord17

msvfw32

MCIWndCreateA

winmm

mciSendCommandA
PlaySoundA
waveOutReset
waveOutOpen
waveOutClose
waveOutUnprepareHeader

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd9d9b4b0e536cd943ae5d582f7ffa2a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

msvfw32

winmm

Sections

.text Size: 272KB - Virtual size: 271KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 24KB - Virtual size: 49KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 272KB - Virtual size: 271KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 24KB - Virtual size: 49KB

.rsrc
Size: 40KB - Virtual size: 38KB