0ad8923f1f69884f4e4f8ee37fba3eea

Sharing

Copy URL Twitter E-mail

General

Target

0ad8923f1f69884f4e4f8ee37fba3eea
Size

47KB
MD5

0ad8923f1f69884f4e4f8ee37fba3eea
SHA1

73cee7a79f127fb6e727842799d9358ad7a87e24
SHA256

e05c7151275c7e48715d4753c2542bd799b63165ebd48bef93b369e76c9427e7
SHA512

ea66e6a74415acbf2e69b3c07e6bc4a5f56180ff3a8b537ea89d81863fc4ebb4a8c8d349f98a6f9604b56614fb86b749f0000074858ab0961c32cabd3623dea2
SSDEEP

768:i77LdJ5dHZ7GREw098ANqGVOrDIfduekdn8ffvu0Km+VLv0JqgAKVz93m1JgC9cF:s7555GR909fBO3IgvAfW0Kmwv0kgAKVt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ad8923f1f69884f4e4f8ee37fba3eea

Files

0ad8923f1f69884f4e4f8ee37fba3eea
.exe windows:4 windows x86 arch:x86

7965fcff26e69ddb34c112da61f42641

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
EqualRect
SendMessageW
GetAsyncKeyState
OpenClipboard
GetWindowLongW
ClientToScreen
CloseClipboard
KillTimer
GetMessageW
GetClassInfoW
InvalidateRect
UpdateWindow
BeginPaint
SetWindowLongW
SetTimer
MessageBeep
GetClientRect
GetClipboardData
DefWindowProcW
wsprintfA
wvsprintfW
GetParent
GetDC
wsprintfW
EmptyClipboard
SetRect
DispatchMessageW
IsWindow
LoadStringW
RegisterClassW
PeekMessageW
LoadCursorW
PostMessageW
LoadStringA
TranslateMessage
ReleaseDC
MsgWaitForMultipleObjects
SetClipboardData
CreateWindowExW
SetCursor
EndPaint

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyW
RegEnumKeyW
RegCreateKeyW
RegOpenKeyA
RegQueryValueExW

msvfw32

ICSeqCompressFrame
DrawDibGetPalette
ICCompressorFree
DrawDibRealize
ICCompressorChoose
DrawDibDraw
ICImageDecompress
ICSeqCompressFrameStart
DrawDibBegin
DrawDibOpen
DrawDibClose
ICSeqCompressFrameEnd

gdi32

GetPaletteEntries
GetStockObject
GetNearestPaletteIndex
GetObjectW
SelectObject
GetSystemPaletteEntries
DeleteObject
SetWindowOrgEx
GetDCOrgEx
CreatePalette
PatBlt
GetClipBox
RealizePalette
SelectPalette
GetDeviceCaps

winmm

mmioSeek
mmioRead
mciSendStringW
mmioOpenW
OpenDriver
mmioCreateChunk
mmioDescend
mmioWrite
timeGetTime
SendDriverMessage
waveInReset
waveInStop
waveInUnprepareHeader
mmioAscend
waveInStart
waveInClose
waveOutGetNumDevs
mmioFlush
waveInOpen
CloseDriver
mmioClose
waveInAddBuffer
waveInPrepareHeader

ntdll

NtAllocateVirtualMemory
NtAddAtom
RtlUlongByteSwap

kernel32

lstrcmpiW
SetEvent
GetSystemInfo
LocalAlloc
Sleep
lstrlenW
SetThreadPriority
IsBadHugeReadPtr
LocalHandle
lstrcatW
LoadLibraryW
GetOverlappedResult
IsBadCodePtr
lstrcpyA
LocalLock
IsBadStringPtrW
DeleteCriticalSection
IsBadReadPtr
WriteFile
GetLastError
CloseHandle
WaitForSingleObject
GetDiskFreeSpaceW
QueryPerformanceFrequency
GlobalHandle
GetVersionExW
DeleteFileW
GetProcAddress
InitializeCriticalSection
MultiByteToWideChar
GetCurrentThread
VirtualFree
SetFilePointer
lstrcpynW
WideCharToMultiByte
FreeLibrary
VirtualAlloc
GetPrivateProfileStringW
GlobalLock
DisableThreadLibraryCalls
MulDiv
HeapAlloc
CreateFileW
GlobalMemoryStatusEx
GlobalReAlloc
QueryPerformanceCounter
LeaveCriticalSection
GetFileSize
LocalFree
GlobalAlloc
GetProcessHeap
lstrcatA
GetFileAttributesW
CreateEventW
CreateThread
GlobalFree
LocalUnlock
GetCurrentThreadId
GetThreadPriority
GetModuleHandleW
GetACP
EnterCriticalSection
IsBadWritePtr
GetModuleFileNameW
GlobalUnlock
lstrlenA
GetLocalTime
HeapFree
ExitProcess
GetFullPathNameW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 976KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7965fcff26e69ddb34c112da61f42641

Headers

File Characteristics

Imports

user32

advapi32

msvfw32

gdi32

winmm

ntdll

kernel32

version

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 186KB - Virtual size: 185KB

.rsrc Size: 245KB - Virtual size: 245KB

.data Size: 23KB - Virtual size: 976KB

.reloc Size: 512B - Virtual size: 24B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 186KB - Virtual size: 185KB

.rsrc
Size: 245KB - Virtual size: 245KB

.data
Size: 23KB - Virtual size: 976KB

.reloc
Size: 512B - Virtual size: 24B