0dbae335cec36530adfeedf92be6bcbc

Sharing

Copy URL

Twitter E-mail

General

Target

0dbae335cec36530adfeedf92be6bcbc
Size

184KB
MD5

0dbae335cec36530adfeedf92be6bcbc
SHA1

992aa3f8030e49c173d8e938b7e90389edc446ee
SHA256

2c9cfc5a90131a5ea58a412c4f58994f739110f041325cfed3a80d482f5345fa
SHA512

8a17300468ce35beae3de2448e99b8d83310d64be14d12a2deb58a2d26275e5ca416c76eb81b695927d71fd0b36a3e49a44a6a0d67b33fc9c743b8e65d1b1e99
SSDEEP

3072:1YeYFacsza2Pgl+AHcz+z85Z0Lp5+Bh+pMo0y7yxLyBIjXAGqC:1YepGQgsBK85Z0LpYBhIExLIC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dbae335cec36530adfeedf92be6bcbc

Files

0dbae335cec36530adfeedf92be6bcbc
.exe windows:4 windows x86 arch:x86

c5196b690cfa54d8b6da0089715623f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW

kernel32

GetWindowsDirectoryW
GetFileAttributesW
GetFileTime
SetConsoleOutputCP
GetTickCount
HeapFree
HeapAlloc
CreateDirectoryW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
HeapSize
FreeLibrary
GetProcAddress
LoadLibraryA
LoadLibraryW
GetTickCount
GetTempPathA
ResetEvent
WaitForSingleObject
SetEvent
Sleep
ReadFile
GetFileInformationByHandle
CreateFileA
VirtualAlloc
VirtualFree
SetFilePointer
FindNextFileW
CreateDirectoryA
GetFileSize
FindNextFileA
FindFirstFileA
GetExitCodeThread
TerminateThread
DeleteFileW
GetDiskFreeSpaceExW
GetVersionExA
lstrlenA
GetLocaleInfoA
lstrcatA
GetLocalTime
SystemTimeToFileTime
lstrlenW
lstrcatW
lstrcpyW
SetFileAttributesA
GetFileAttributesA
CopyFileA
SetFileAttributesW
GetFileAttributesW
CopyFileW
GetVersion
SetThreadPriority
GetCurrentThread
CreateEventA
WaitForMultipleObjects
DeleteFileA
CreatePipe
GetSystemInfo
GetTimeZoneInformation
FileTimeToSystemTime
OutputDebugStringA
lstrcpyA
GetFullPathNameA
GetFullPathNameW
IsDBCSLeadByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
InterlockedExchange
GetDiskFreeSpaceExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateSemaphoreA
ReleaseSemaphore
ExitThread
WritePrivateProfileStringA
GetPrivateProfileStringA
FileTimeToLocalFileTime
lstrcmpA
lstrcmpW
GlobalFree
GlobalUnlock
GlobalAlloc
GetACP
GetTempFileNameA
GetUserDefaultLCID
SetPriorityClass
GetThreadPriority
GetPriorityClass
GetCurrentProcess
RtlUnwind
GetCurrentThreadId
TlsSetValue
GetSystemTime
HeapFree
HeapAlloc
GetCPInfo
GetOEMCP
GetCommandLineA
RaiseException
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
GetModuleHandleA
UnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadCodePtr

user32

HideCaret
GetDlgItem
GetDlgCtrlID
GetParent
WindowFromPoint
MsgWaitForMultipleObjects
GetMonitorInfoW
MonitorFromWindow
CheckDlgButton
EnableWindow
EndPaint
TrackPopupMenu
MapWindowPoints
GetClientRect
GetWindowRect
GetActiveWindow
EqualRect
PtInRect
MessageBoxW
UnregisterClassW
GetCaretBlinkTime
GetDoubleClickTime
GetSystemMetrics
GetFocus
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
MsgWaitForMultipleObjectsEx
ReleaseCapture
SetCapture
DestroyWindow
GetDesktopWindow
SetFocus
SetCursor
WindowFromDC
InvalidateRect
DestroyMenu
RegisterClassW
LoadCursorW
SetRectEmpty
TranslateMessage
PeekMessageW
DispatchMessageW
CharLowerBuffW
GetCursorPos
SetPropW
GetSubMenu
RemoveMenu
SetMenuItemInfoW
LoadMenuIndirectW
KillTimer
SetWindowTextW
SetTimer
BeginPaint
SetClipboardData
GetKeyboardLayout
PostMessageW
FindWindowW
RegisterWindowMessageW
PostThreadMessageW
GetWindowLongW
SetWindowLongW
GetForegroundWindow
EnumDisplayDevicesW
SendMessageW
SetWindowPos
GetDC
ReleaseDC
GetKeyboardState
RemovePropW
GetWindowTextW
GetWindow

shell32

ShellExecuteExW
ShellExecuteW
SHFileOperationW
SHGetFolderPathW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

comctl32

InitCommonControlsEx

ole32

CoCreateInstance
OleRegGetMiscStatus
OleSaveToStream
OleLoadFromStream
OleRegEnumVerbs
OleRegGetUserType
WriteClassStm
CoTaskMemRealloc
CreateOleAdviseHolder
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CreateBindCtx
CreateStreamOnHGlobal
CoInitialize
CoGetMalloc

pdh

PdhGetFormattedCounterValue
PdhCollectQueryData
PdhAddCounterW
PdhMakeCounterPathW
PdhLookupPerfNameByIndexW
PdhCloseQuery
PdhOpenQueryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

timeGetDevCaps
timeEndPeriod
timeBeginPeriod
timeGetTime

crypt32

CertVerifyCertificateChainPolicy

setupapi

SetupIterateCabinetW

oleaut32

CreateErrorInfo
DispInvoke
VarI2FromR4
SetErrorInfo

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 262B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5196b690cfa54d8b6da0089715623f5

Headers

File Characteristics

Imports

advapi32

kernel32

user32

shell32

comdlg32

comctl32

ole32

pdh

version

winmm

crypt32

setupapi

oleaut32

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 38KB - Virtual size: 38KB

.reloc Size: 512B - Virtual size: 262B

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 38KB - Virtual size: 38KB

.reloc
Size: 512B - Virtual size: 262B