0ab607d409cf38e455607e88026571e1

Sharing

Copy URL

Twitter E-mail

General

Target

0ab607d409cf38e455607e88026571e1
Size

721KB
MD5

0ab607d409cf38e455607e88026571e1
SHA1

04389c31dd883994a3b51450510b1a37af171051
SHA256

3e62f33df984cda65d5e714d81ad6f04b38c8d3be28beb9fd9677e7097252811
SHA512

c07abad548cc8d9a40339aa9c92de825031973d51b1e0c571edc2ae22ce57892d219d1663d3eccbf5ecb405c91071c844ba3447bf1b6c0ec83db7b8bfc5288dc
SSDEEP

12288:aKuysfYcyvvvvoZRR8+lSHPXbuLaQtmvLp41EjXH9THXjFKn5W1zwzBd:aKuovvvvJZPru16uSD9T3weMd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ab607d409cf38e455607e88026571e1

Files

0ab607d409cf38e455607e88026571e1
.exe windows:4 windows x86 arch:x86

e5e9f01fa1c2794857fea56db7e2050b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt
DeleteDC
SetTextColor
CreateCompatibleDC

oleaut32

VariantClear
SysFreeString
VariantInit
SysStringLen

user32

PeekMessageA
GetDC
GetCursorPos
DestroyWindow
GetParent
UpdateWindow
ShowWindow
EnableWindow
TranslateMessage
LoadStringA
EnableMenuItem
GetWindowLongA
CreateWindowExA
EndPaint
SetFocus
DefWindowProcA
GetSystemMetrics
GetWindowRect
PostMessageA
IsWindow
SetWindowLongA
EndDialog
SetWindowTextA
GetSubMenu
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
TrackPopupMenu
GetDesktopWindow
MessageBoxA
GetSysColor
SystemParametersInfoA
InvalidateRect
SendMessageA
GetClientRect
CallWindowProcA
GetFocus
ReleaseDC
SetCursor
SetWindowPos
PostQuitMessage
SetForegroundWindow
ReleaseCapture

kernel32

GetStdHandle
ReleaseMutex
GetFileAttributesA
WaitForSingleObject
FindNextFileA
HeapDestroy
HeapFree
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
LocalAlloc
GetConsoleOutputCP
FreeEnvironmentStringsW
HeapSize
SetStdHandle
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
GlobalLock
FindClose
TlsGetValue
FormatMessageA
SetLastError
InterlockedDecrement
GetModuleFileNameW
IsDebuggerPresent
FlushFileBuffers
GetCurrentThreadId
GetCommandLineA
GetCurrentThread
GetCurrentProcessId
GetTickCount
GetModuleHandleA
GetVersion
ExitProcess
GetLastError
HeapAlloc
GetProcessHeap
VirtualAlloc
FindResourceA
VirtualFree
HeapCreate
CreateProcessA
SizeofResource
GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
MapViewOfFile
RaiseException
InterlockedCompareExchange
lstrlenW
WideCharToMultiByte
GetCommandLineW
LockResource
GetEnvironmentStrings
FileTimeToLocalFileTime
CreateProcessW
Sleep
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
LoadLibraryA
InterlockedIncrement
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
ExpandEnvironmentStringsA
FindFirstFileW
ResetEvent
CompareStringA
lstrcpyA
FindNextFileW
lstrcmpA
CompareStringW
WaitForMultipleObjects
SetEvent
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
lstrcmpiW
GetVersionExA
TlsAlloc
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
WriteConsoleW
GetProcAddress
SetEndOfFile
VirtualQuery
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
LeaveCriticalSection
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA

advapi32

RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyA

version

GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 675KB - Virtual size: 1001KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5e9f01fa1c2794857fea56db7e2050b

Headers

File Characteristics

Imports

gdi32

oleaut32

user32

kernel32

advapi32

version

Sections

.text Size: 675KB - Virtual size: 1001KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 19KB - Virtual size: 18KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 675KB - Virtual size: 1001KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 18KB - Virtual size: 18KB