0d655dc2dc2580b5da0e6b2f33bd0bb6

Sharing

Copy URL Twitter E-mail

General

Target

0d655dc2dc2580b5da0e6b2f33bd0bb6
Size

204KB
MD5

0d655dc2dc2580b5da0e6b2f33bd0bb6
SHA1

e0a2233ab01db42a2845feef4d6517fcb3878555
SHA256

eb026d767a26195edace56b0782714bcd397093fe2a37f3c4acd7fe070974833
SHA512

1bcaba15760e33bf983efb20b66c03085a7a9bfab87d106835dccb6327dcbf955f09b4b8a243b8bc17a5a639f7ed17fbdb0aad5fea392cba8a6b737f295cf0bb
SSDEEP

3072:PpLE6aXucjhpVEBmsxBuTzbO8DhXMjhVhWvfI98C7PyN830MiCD4vifNjiVhLcGq:xLEyc1OCTe8lXIj2w9v7ziYbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d655dc2dc2580b5da0e6b2f33bd0bb6

Files

0d655dc2dc2580b5da0e6b2f33bd0bb6
.exe windows:4 windows x86 arch:x86

28268e0310c3431e66982d8f0487ff27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopy
LoadTypeLibEx
SafeArrayCreate
QueryPathOfRegTypeLi
SysFreeString
SafeArrayGetLBound
SetErrorInfo
SafeArrayRedim
SafeArrayGetElement

kernel32

GetModuleFileNameW
GetDriveTypeW
GetPrivateProfileSectionW
EndUpdateResourceA
GetDiskFreeSpaceExA
OpenMutexA
GetConsoleMode
FindResourceExW
CreateMutexW
CreateDirectoryW
CompareStringW
GetModuleHandleA
PeekConsoleInputW
GlobalFree
OutputDebugStringA
ExpandEnvironmentStringsW
GetProcessHeap
GlobalDeleteAtom
CreateFileW
GetCurrentDirectoryW
GlobalUnlock
IsProcessorFeaturePresent
VirtualAlloc
GlobalFindAtomA
GetCommandLineA
LoadLibraryExA
GetCommConfig
GetVolumeInformationW
GetThreadContext
GetLargestConsoleWindowSize
GetFullPathNameA
SetThreadPriorityBoost
ConnectNamedPipe
EnumResourceNamesW
CreateEventA
SetEnvironmentVariableA
SetErrorMode
GetVersion
VirtualLock
IsBadStringPtrA
SetConsoleOutputCP
CancelIo
SetStdHandle
GetDiskFreeSpaceW
LocalLock
GetDateFormatA
GetEnvironmentStringsW
GetThreadPriority
GetProfileStringA
ExitProcess
GetOEMCP
GetTapeStatus
_lopen
FlushFileBuffers
lstrcmpiW
WriteConsoleOutputCharacterA
GetStringTypeExW
WritePrivateProfileStringA
VirtualQueryEx
SetConsoleWindowInfo
SetConsoleActiveScreenBuffer
GetUserDefaultLCID
OutputDebugStringW
LocalReAlloc
ReadFile

user32

MapDialogRect
WinHelpA
EnumWindowStationsW
LoadMenuA
IsChild
GetWindowLongW
ShowWindow
TranslateMDISysAccel
WinHelpW
CallNextHookEx
FindWindowW
RegisterClassExW
EnumDisplaySettingsExW
GetSysColor
GetClassLongW
SetWindowLongW
GetSysColorBrush
SetParent
ChangeDisplaySettingsExA
AppendMenuW
DialogBoxIndirectParamW
CreateAcceleratorTableW
LoadAcceleratorsA
GetUserObjectInformationW
GetUpdateRgn
AdjustWindowRect
CreateDesktopA
IsCharUpperA
IsCharAlphaNumericW
GetNextDlgTabItem
SetRect
CharPrevW
InvertRect
BringWindowToTop
GetClassInfoExA
MsgWaitForMultipleObjects
EnumDesktopsA
LoadIconW

advapi32

BuildTrusteeWithSidW
CryptImportKey
SetSecurityDescriptorSacl
ImpersonateNamedPipeClient
GetSidLengthRequired
DuplicateTokenEx
RegSetValueA
CreateProcessAsUserA
BuildTrusteeWithNameW
CryptVerifySignatureA
CreatePrivateObjectSecurity
RegReplaceKeyW
RegQueryValueExW
RegUnLoadKeyA
RegRestoreKeyW
RegConnectRegistryW
SetPrivateObjectSecurity
InitiateSystemShutdownA
CryptEncrypt
OpenServiceW
RegCreateKeyExA
ImpersonateSelf
OpenServiceA
AccessCheckAndAuditAlarmA
RegSetValueExW
CryptDeriveKey

gdi32

GetObjectA
GetDIBits
GetEnhMetaFileHeader
GetEnhMetaFileBits
StretchDIBits
Arc
CreateFontW
PlayMetaFile
GetDCOrgEx
GetTextColor
CreateRoundRectRgn
GetClipRgn
RemoveFontResourceA
GetWinMetaFileBits
GetTextExtentPoint32W
SetStretchBltMode
SetBkMode
CreatePalette
SetLayout
EnumFontFamiliesW
CreateEllipticRgn

version

VerQueryValueA
VerFindFileA
GetFileVersionInfoSizeA

shell32

DragQueryPoint
SHLoadInProc
SHBrowseForFolderA

ole32

CoGetObject
OleSetClipboard
OleBuildVersion
OleSave
CoInitializeEx

ws2_32

WSASetServiceA
WSAStartup
htonl
WSALookupServiceNextA
ntohl
WSAGetQOSByName
getsockopt

comctl32

ImageList_SetOverlayImage
ImageList_DragEnter
ImageList_Create

msvcrt

_mbstrlen
_getcwd
towupper
_fdopen
printf
_getch
_makepath
_strnicoll
strpbrk
_close
vfprintf
_iob
ceil
fread
_mbscat
_dup
isalnum
iswascii
iswctype
malloc
iswprint
_isatty
bsearch
_putws
fputws
_wcsicmp
_mbsnbcmp
_wtoi64
isxdigit
_errno
_wchmod
strstr
_wspawnvp
wprintf
_chsize
_wctime

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28268e0310c3431e66982d8f0487ff27

Headers

File Characteristics

Imports

oleaut32

kernel32

user32

advapi32

gdi32

version

shell32

ole32

ws2_32

comctl32

msvcrt

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 8KB - Virtual size: 5KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 8KB - Virtual size: 5KB