08fe9f2b41000d1bbc870c21bb10cd86

Sharing

Copy URL Twitter E-mail

General

Target

08fe9f2b41000d1bbc870c21bb10cd86
Size

452KB
MD5

08fe9f2b41000d1bbc870c21bb10cd86
SHA1

18244a983959d2bbdef334a3329bddee837ddac3
SHA256

ea3910f844978c7d125085dbe3b71b5382cb9aac198e1a447977387938c6e3cc
SHA512

ffcb811cb28102cb21ed654a43d970c6f651c32b6d31e5e4c0ad329caf44cefeb59a83a1b74fdb9c03d3d11c9c6c7167c58c8be913599b19de0faf3ed2efe4f7
SSDEEP

12288:CXRGK2axthzxTAW2sgu1rhv9y+k3k6L4v:CBnxtDlhHly+v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08fe9f2b41000d1bbc870c21bb10cd86

Files

08fe9f2b41000d1bbc870c21bb10cd86
.exe windows:4 windows x86 arch:x86

7ca1e9f00a47a6f059b97afd06716862

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoW
ExtractAssociatedIconW
SHFormatDrive

comdlg32

ChooseFontW

advapi32

CryptAcquireContextA

gdi32

GetDIBits
SetTextColor
OffsetRgn
CreateICA
ResetDCW
CreatePenIndirect
GetBrushOrgEx
CopyEnhMetaFileW
SetRectRgn

user32

GetWindowTextA
DdeInitializeW
PaintDesktop
CallWindowProcA
LoadImageA
EnumClipboardFormats
GetAncestor
EnumPropsW
GetKBCodePage
EnumPropsExW
AttachThreadInput
ExitWindowsEx
CheckMenuItem
DragDetect
DefFrameProcW
ShowCaret
DrawMenuBar

kernel32

GetCalendarInfoW
GetTimeFormatA
LocalCompact
HeapFree
GetStartupInfoA
HeapReAlloc
InitializeCriticalSection
ReleaseMutex
GetSystemTime
GetUserDefaultLCID
EnterCriticalSection
GetTickCount
GetCurrentThread
Sleep
DeleteCriticalSection
GetSystemInfo
TlsSetValue
LCMapStringA
GetCommandLineA
MultiByteToWideChar
VirtualAlloc
GetFileTime
VirtualProtect
GetLocaleInfoA
GetStdHandle
VirtualQuery
GetTimeZoneInformation
HeapAlloc
HeapValidate
CreateFileW
LockResource
EnumCalendarInfoW
GetModuleFileNameA
ExitProcess
InterlockedExchange
SetThreadLocale
SetHandleCount
CreateDirectoryA
GetSystemTimeAsFileTime
CreateSemaphoreW
GetSystemDefaultLangID
GetFileType
HeapCreate
GetOEMCP
TerminateProcess
GetStringTypeA
IsValidCodePage
CompareStringW
GetEnvironmentStrings
IsBadWritePtr
GetACP
EnumSystemLocalesA
SetLastError
GetProcAddress
GetLocaleInfoW
QueryPerformanceCounter
GetProcessHeaps
GetVersionExA
TlsAlloc
UnhandledExceptionFilter
SetEnvironmentVariableA
WideCharToMultiByte
IsValidLocale
GetSystemTimeAdjustment
TlsGetValue
CompareStringA
GetModuleHandleA
RaiseException
HeapDestroy
HeapSize
RtlUnwind
LoadLibraryA
FreeEnvironmentStringsW
TlsFree
LeaveCriticalSection
GetDateFormatA
GetStringTypeW
VirtualFree
FreeEnvironmentStringsA
GetCPInfo
LocalFree
GetCurrentThreadId
FlushFileBuffers
LCMapStringW
GetEnvironmentStringsW
GetCurrentProcess
MoveFileW
RtlMoveMemory
GetLastError
GetCurrentProcessId
WriteFile

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ca1e9f00a47a6f059b97afd06716862

Headers

File Characteristics

Imports

shell32

comdlg32

advapi32

gdi32

user32

kernel32

Sections

.text Size: 150KB - Virtual size: 150KB

.rdata Size: 8KB - Virtual size: 17KB

.data Size: 280KB - Virtual size: 279KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 150KB - Virtual size: 150KB

.rdata
Size: 8KB - Virtual size: 17KB

.data
Size: 280KB - Virtual size: 279KB

.rsrc
Size: 13KB - Virtual size: 12KB