08f32872beb26029d0febb45d3d40b2a

Sharing

Copy URL Twitter E-mail

General

Target

08f32872beb26029d0febb45d3d40b2a
Size

340KB
MD5

08f32872beb26029d0febb45d3d40b2a
SHA1

db51271870aea7c581bb133d62cd742ed346c9dd
SHA256

9eaebe270370aab5b34b00fd3154e4085cc50fef3bc917c790202f977dcb0da4
SHA512

7ab1944c33acd2b60561a768b0ccaf0ded7d93bf60bee7128c4bd38e3b60ab1b2694cb1e01a4750da8a7c43402639db023ccac5cdb74140ac5c656386bf76a75
SSDEEP

6144:J3u5DO7KdNgoIP5awSf0TynkvoTpuaTQW3rGyehhy8AsPerXsOT:J3u5DO7KdNg9P5awu0unkQTUa53jIysZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08f32872beb26029d0febb45d3d40b2a

Files

08f32872beb26029d0febb45d3d40b2a
.exe windows:4 windows x86 arch:x86

5f29906528640ea05ba74a7b0ae54fc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GopherCreateLocatorA
ReadUrlCacheEntryStream
SetUrlCacheConfigInfoW
InternetQueryFortezzaStatus
GopherGetAttributeW
UpdateUrlCacheContentPath

shell32

SHGetPathFromIDListW

comctl32

ImageList_GetFlags
CreateUpDownControl
DrawStatusTextW
CreateStatusWindowW
ImageList_BeginDrag
ImageList_Duplicate
DestroyPropertySheetPage
ImageList_SetIconSize
InitCommonControlsEx

kernel32

LCMapStringA
WriteConsoleOutputCharacterW
GetPrivateProfileStructW
SystemTimeToTzSpecificLocalTime
LeaveCriticalSection
HeapFree
LocalSize
IsBadWritePtr
GetModuleHandleA
GetDiskFreeSpaceA
GetCurrentProcess
GetCommandLineW
WriteConsoleInputW
GetProcessHeaps
TlsAlloc
GetStdHandle
GetCurrentProcessId
CreateDirectoryExW
GetCurrentThread
SetEnvironmentVariableA
GetProfileSectionA
GetDriveTypeA
IsBadReadPtr
HeapReAlloc
EnterCriticalSection
QueryPerformanceCounter
GetUserDefaultLCID
lstrcmpiW
SetLastError
DeleteCriticalSection
lstrlenA
GetNamedPipeHandleStateW
GetEnvironmentStringsW
ExitProcess
LoadLibraryExW
GetFileType
IsValidCodePage
GetSystemInfo
GetDateFormatA
WaitForSingleObject
GlobalCompact
SetFileAttributesW
InitializeCriticalSection
GlobalHandle
SetStdHandle
GetComputerNameW
IsValidLocale
LoadLibraryA
CreateProcessA
MultiByteToWideChar
CreateThread
WaitForSingleObjectEx
lstrcmpA
FormatMessageW
OpenWaitableTimerA
RtlUnwind
ConnectNamedPipe
CompareStringA
SetConsoleCursorInfo
LocalFileTimeToFileTime
VirtualFreeEx
GetLastError
SetEvent
CreateSemaphoreW
EnumDateFormatsExW
HeapDestroy
LocalCompact
LocalReAlloc
GetModuleFileNameW
FreeLibraryAndExitThread
GetStartupInfoW
SetCriticalSectionSpinCount
GetPrivateProfileSectionW
GetLocaleInfoA
LCMapStringW
FlushFileBuffers
VirtualProtect
GetStartupInfoA
GetDiskFreeSpaceW
FreeEnvironmentStringsA
InterlockedExchange
GetCurrentThreadId
EnumSystemCodePagesW
GetStringTypeA
TlsFree
GetTickCount
GetACP
GetCommandLineA
GetProcAddress
WriteFile
TlsSetValue
VirtualQuery
GetLocaleInfoW
GetConsoleMode
GetTempFileNameA
CreateWaitableTimerA
HeapCreate
CloseHandle
SetFilePointer
GetTimeFormatA
OpenMutexA
WideCharToMultiByte
FreeLibrary
GetWindowsDirectoryW
GetTimeZoneInformation
GetProfileIntA
ReadFile
EnumSystemLocalesA
RemoveDirectoryA
HeapAlloc
GetVersionExA
WaitNamedPipeW
OpenWaitableTimerW
TlsGetValue
VirtualFree
GetCPInfo
GlobalSize
SetHandleCount
TerminateProcess
GetVersion
FreeEnvironmentStringsW
GetModuleFileNameA
GetPrivateProfileStructA
GetOEMCP
GetPrivateProfileStringW
GetEnvironmentStrings
CreateMutexA
GetSystemDefaultLangID
VirtualAlloc
GetThreadContext
lstrcat
GetFileAttributesW
CompareStringW
GetStringTypeW
HeapSize
GetEnvironmentVariableW
GetSystemTimeAsFileTime
UnhandledExceptionFilter

user32

CreateWindowExA
GetShellWindow
WinHelpA
ScreenToClient
DestroyWindow
DrawCaption
ValidateRect
SetRectEmpty
MessageBoxA
DdeConnect
LoadMenuIndirectW
BringWindowToTop
GetParent
SetParent
SetDlgItemTextW
RegisterClassExA
TrackPopupMenu
CharNextW
BroadcastSystemMessage
DefWindowProcW
ModifyMenuW
IsCharLowerW
RegisterClassA
DialogBoxParamW
DefFrameProcW
CreateWindowExW
ShowWindow
GetKeyboardLayoutList
GetClassLongW
RemovePropA
CharPrevW
PackDDElParam

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f29906528640ea05ba74a7b0ae54fc8

Headers

File Characteristics

Imports

wininet

shell32

comctl32

kernel32

user32

Sections

.text Size: 128KB - Virtual size: 125KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 96KB - Virtual size: 110KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 128KB - Virtual size: 125KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 96KB - Virtual size: 110KB

.rsrc
Size: 16KB - Virtual size: 14KB