0a1fb83d6c2ea84fa1bd33753a7f3c70

Sharing

Copy URL Twitter E-mail

General

Target

0a1fb83d6c2ea84fa1bd33753a7f3c70
Size

177KB
MD5

0a1fb83d6c2ea84fa1bd33753a7f3c70
SHA1

e17ecc7157fa31fd46051efb4fea9ce7df2157d5
SHA256

22b7618197282e0e7f22fee3b34c3c02cebeadaa1f897c4ae864d4590f757d7c
SHA512

4d25cae5a7f8019e77c48553391a5da439a99f2b71f0663656c09da3f8e56e1bbfb5cb6d3b5b295f3ee2b257f224b1e8a14a0a08bb5667889450e1d760bc32eb
SSDEEP

3072:ito4uofz/zNBok5e7kbgs0Yd8hlOvUW21RL9oatpLMLJk:L0r/BBo0e7OgA87OMW215+atpLT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/rosettastone chinese (mandarin) level 1, 2.exe

Files

0a1fb83d6c2ea84fa1bd33753a7f3c70
.zip
rosettastone chinese (mandarin) level 1, 2.exe
.exe windows:5 windows x86 arch:x86

45640512c8e6d4219f46620aa4f57b2b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA

user32

PostThreadMessageA
FillRect
RemovePropW
SwitchToThisWindow
CharNextExA
DefDlgProcA
GetSysColor
PostMessageW
DestroyMenu
GetMonitorInfoW
RemoveMenu
wvsprintfA
GetMenuState
GetMessageExtraInfo
ClientToScreen
CharLowerW
DrawIcon
CreateDialogIndirectParamW
GetWindowTextA
VkKeyScanW
CheckRadioButton
AllowSetForegroundWindow
SetDlgItemInt
LoadImageW
DragObject
CreateCaret
UnionRect
ChangeMenuW
DefFrameProcW
GetDC
AppendMenuA
RegisterClassExA
LoadAcceleratorsW
DialogBoxIndirectParamW
EnableWindow
CharUpperW
GrayStringW
MessageBoxExW
GetUpdateRect
EnableScrollBar
GetNextDlgGroupItem
SetScrollPos
WaitForInputIdle
SendNotifyMessageW
GetWindowRect
SetSysColors
RegisterWindowMessageW
GetSubMenu
GetScrollRange
SetDlgItemTextW
RedrawWindow
SendMessageTimeoutW
ShowScrollBar
GetParent
DialogBoxParamA
GetDCEx
InvertRect
IsDialogMessageW
GetUpdateRgn
GetPropW
MapWindowPoints
LoadIconW
GetClassLongA
EqualRect
CharToOemW
GetScrollPos
CharNextA
GetDlgItemTextW
FindWindowExA
SetWindowTextW
ChildWindowFromPoint
DrawTextExW
DrawMenuBar
CascadeWindows
GetClassInfoExW
FindWindowW
LoadBitmapA
SetRectEmpty
DeferWindowPos
SetWindowPos
SendMessageTimeoutA
SystemParametersInfoW
GetKeyboardLayoutList
MessageBoxW
GetMenuStringA
DrawAnimatedRects
GetFocus
GetLastActivePopup
InvalidateRect
OpenInputDesktop

gdi32

FillRgn

comdlg32

FindTextW

shlwapi

PathIsDirectoryA

ole32

CoFileTimeToDosDateTime

Exports

Exports

_AGetForegroundWindowGetForegroundWindowGetForegroundWindowGetForegroundWindowGetForegroundWindow@0
_BGetForegroundWindowGetForegroundWindowGetForegroundWindowGetForegroundWindowGetForegroundWindow@0
_CGetForegroundWindowGetForegroundWindowGetForegroundWindowGetForegroundWindowGetForegroundWindow@0
_GetForegroundWindowGetForegroundWindowGetForegroundWindowGetForegroundWindowGetForegroundWindow@0

Sections

.erefgd
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.poiujh
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mytrrg
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oiuuyt
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mnbhg
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retf
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45640512c8e6d4219f46620aa4f57b2b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shlwapi

ole32

Exports

Exports

Sections

.erefgd Size: 512B - Virtual size: 28B

.text Size: 165KB - Virtual size: 165KB

.poiujh Size: 512B - Virtual size: 64B

.mytrrg Size: 512B - Virtual size: 64B

.oiuuyt Size: 512B - Virtual size: 64B

.mnbhg Size: 512B - Virtual size: 64B

.retf Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 3KB - Virtual size: 2KB

.erefgd
Size: 512B - Virtual size: 28B

.text
Size: 165KB - Virtual size: 165KB

.poiujh
Size: 512B - Virtual size: 64B

.mytrrg
Size: 512B - Virtual size: 64B

.oiuuyt
Size: 512B - Virtual size: 64B

.mnbhg
Size: 512B - Virtual size: 64B

.retf
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 3KB - Virtual size: 2KB