00f22d119a03e88faad0d6ca592befb6

Sharing

Copy URL Twitter E-mail

General

Target

00f22d119a03e88faad0d6ca592befb6
Size

401KB
MD5

00f22d119a03e88faad0d6ca592befb6
SHA1

ac5f7e04ded1016bec0849a36a3ce7a60571d881
SHA256

bd4d5bbb05465ab0987c5f3192e83d252aeb55b985990841bb89abdcfa386df8
SHA512

52d13695a89d68c1760242ff4930155aa576d00adf2e73fa46789b029e2828da50469840d1b91edab0ea359bce544de87ecb78dfda069ec58338b40a5ceda55f
SSDEEP

6144:gruxWRv5M5vxfAkfmt1J5F73X9YXIx9zhwRmA/8ceBTYBGXpcVAefPZ+XB9vcixr:9f6P5tX9o49zydEtl4G59ew9Wy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00f22d119a03e88faad0d6ca592befb6

Files

00f22d119a03e88faad0d6ca592befb6
.exe windows:4 windows x86 arch:x86

6f6afb926599ce792d885faa53d49a58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
PageSetupDlgA

advapi32

CreateServiceW
CryptGetUserKey
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
ReportEventA
RegRestoreKeyA

kernel32

RtlUnwind
GetTickCount
HeapFree
EnterCriticalSection
GetConsoleTitleA
FillConsoleOutputCharacterW
GetLastError
IsBadWritePtr
TlsGetValue
GetCurrentThread
LCMapStringA
HeapCreate
GetCurrentProcessId
InitializeCriticalSection
GetSystemTimeAsFileTime
QueryPerformanceCounter
LoadLibraryExW
MapViewOfFileEx
TlsSetValue
GetProcAddress
GetNamedPipeInfo
GetModuleHandleA
VirtualQuery
SetHandleCount
VirtualAlloc
GetOEMCP
GetDiskFreeSpaceExW
WritePrivateProfileSectionA
TlsFree
GetCPInfo
FreeEnvironmentStringsA
WideCharToMultiByte
GetLogicalDriveStringsA
LockFile
GetStringTypeW
GetProcessAffinityMask
lstrcpynA
WriteConsoleW
LoadLibraryA
GetStringTypeA
LCMapStringW
GetWindowsDirectoryA
WriteConsoleOutputW
LocalFileTimeToFileTime
ReleaseMutex
DeleteCriticalSection
ExitProcess
GetStartupInfoA
GetFullPathNameA
VirtualFree
SetLastError
InterlockedExchange
TerminateProcess
GetFileType
GetModuleFileNameA
CreateMailslotA
GetACP
UnhandledExceptionFilter
GetCurrentThreadId
LeaveCriticalSection
TlsAlloc
GetEnvironmentStrings
FreeEnvironmentStringsW
GetStdHandle
HeapReAlloc
HeapDestroy
WriteFile
GetCompressedFileSizeA
GetCurrentProcess
HeapAlloc
MultiByteToWideChar
GetCommandLineA
GetVersion
GetSystemTimeAdjustment
GetEnvironmentStringsW

shell32

SHGetInstanceExplorer
RealShellExecuteA

user32

ExitWindowsEx
WindowFromDC
LoadMenuIndirectA

gdi32

SetViewportOrgEx
GetTextMetricsW
Arc
CreateMetaFileW
CreateDIBitmap
GdiFlush
SetEnhMetaFileBits
EnumFontFamiliesW
GetBkMode
SetWorldTransform
SetWindowOrgEx
RemoveFontResourceA
SetColorAdjustment
PlgBlt
GetKerningPairs
BitBlt
Pie
DeleteColorSpace
GetPolyFillMode
SetArcDirection
GetTextFaceW
SetFontEnumeration
PaintRgn
CreateFontA
SelectPalette

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f6afb926599ce792d885faa53d49a58

Headers

File Characteristics

Imports

comdlg32

advapi32

kernel32

shell32

user32

gdi32

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 4KB - Virtual size: 12KB

.data Size: 275KB - Virtual size: 275KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 4KB - Virtual size: 12KB

.data
Size: 275KB - Virtual size: 275KB

.rsrc
Size: 11KB - Virtual size: 11KB