08b531db05afbbdd2e8132d52ab51386

Sharing

Copy URL Twitter E-mail

General

Target

08b531db05afbbdd2e8132d52ab51386
Size

2.1MB
MD5

08b531db05afbbdd2e8132d52ab51386
SHA1

a2a765557c476bb9c6f3d94db5a79769c731cc5e
SHA256

db9cce8c7d8bd912bb23548474ccaf57cd2c192955616c488d66b72819dbb80e
SHA512

6e447dd4d3f42abca2b291ae783a2280021f829e034f8413bf39eb53d53839320d10ee04dcc6ea00200245f6572ac1839d01fc67f2a1f4c2fc2a341eb346756a
SSDEEP

49152:3Tk8rNZLP+3bbO0i1fZ0QfvGNf8/j+lwggvol+Yxa:DreZgTfvGNE/mwL0D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b531db05afbbdd2e8132d52ab51386

Files

08b531db05afbbdd2e8132d52ab51386
.exe windows:4 windows x86 arch:x86

356c0ec790e9e2275d41c3e16ac8c444

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
MultiByteToWideChar
GetModuleFileNameA
GetModuleHandleA
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
GetVersion
CreateSemaphoreA
CopyFileA
GetTempPathA
FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
FindResourceA
GlobalAlloc
lstrlenW
lstrlenA
GlobalUnlock
GlobalLock
InterlockedIncrement
InterlockedDecrement
lstrcmpA
FlushInstructionCache
GetCurrentProcess
GetTempFileNameA
CreateDirectoryA
GetLastError
DeleteFileA
WriteFile
SetFileTime
CreateProcessA
GetDriveTypeA
SetFilePointer
ReadFile
GetCurrentThreadId
GetTickCount
GetStartupInfoA
EnterCriticalSection
CreateFileA
GetFileInformationByHandle
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
LeaveCriticalSection

gdi32

GetStockObject
GetObjectA
GetDeviceCaps
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
CreateDCA
CreateDIBitmap
DeleteDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation

comctl32

ord17

shlwapi

PathAddBackslashA
PathIsDirectoryA

user32

CreateDialogIndirectParamA
GetWindowTextLengthA
GetSysColor
GetClassNameA
InvalidateRgn
IsChild
CallWindowProcA
EndPaint
FillRect
wsprintfA
EnableWindow
ReleaseDC
SendMessageA
GetDC
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetParent
GetDesktopWindow
RedrawWindow
IsWindow
BeginPaint
GetWindowTextA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DialogBoxIndirectParamA
GetActiveWindow
ShowWindow
GetMessageA
ExitWindowsEx
EndDialog
PeekMessageA
IsDialogMessageA
DispatchMessageA
UpdateWindow
KillTimer
InvalidateRect
IsWindowEnabled
SetTimer
SetWindowPos
MessageBoxA
SetFocus
GetFocus
SetWindowTextA
DestroyWindow
PostQuitMessage
GetDlgItem
GetWindowPlacement
SendDlgItemMessageA
GetWindowLongA
SetWindowLongA
MoveWindow
BringWindowToTop
GetClientRect
CreateWindowExA
LoadIconA

olepro32

ord253

advapi32

GetUserNameA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA

ole32

OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

LoadRegTypeLi
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString

msvcrt

_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
free
malloc
_purecall
_chdir
localtime
time
asctime
_findnext
strncpy
_i64toa
sprintf
memcmp
_findfirst
_findclose
memset
strtoul
??3@YAXPAX@Z
atol
_itoa
strstr
__CxxFrameHandler
strcpy
strlen
memcpy
??2@YAPAXI@Z
strcmp
strcat
exit
__p__fmode
__set_app_type
_controlfp
_stricmp
_ultoa
__p__commode

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

356c0ec790e9e2275d41c3e16ac8c444

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

comctl32

shlwapi

user32

olepro32

advapi32

ole32

oleaut32

msvcrt

Sections

.text Size: 96KB - Virtual size: 92KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 12KB - Virtual size: 28KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 96KB - Virtual size: 92KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 12KB - Virtual size: 28KB

.rsrc
Size: 12KB - Virtual size: 11KB