0a5d896507d5e79c48d85712105b09df

Sharing

Copy URL Twitter E-mail

General

Target

0a5d896507d5e79c48d85712105b09df
Size

540KB
MD5

0a5d896507d5e79c48d85712105b09df
SHA1

0c7dcb76558c73d9cdd3e051c2b946025942abf1
SHA256

e5b341aa200546713603c6dadf1e5cc39697665c33e62ad74afccdc4e21ec2d8
SHA512

0adb91bb988bd42c70354c4227ba236e28d6dbd01a1e52d8b405c27efe87e782338f37e3c2e289be68c486da33a00c92d312fbf89ece3924759aab42faa584ee
SSDEEP

12288:fbzhYqwsuTIRs+5LMVhlVRXW1YqqDM+cX5QaBPwyOHKLz5T37d6W9G:fvhYqxuTIRsCLMLlC1Yq8qX9Bonqx3fk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a5d896507d5e79c48d85712105b09df

Files

0a5d896507d5e79c48d85712105b09df
.exe windows:4 windows x86 arch:x86

5b73dad180ae7315c6cb957fb62ec93d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

gdi32

GetPixel
CreateICA
GetArcDirection
SelectClipPath
GetObjectType
GetAspectRatioFilterEx
TextOutA
AbortPath
SetICMProfileW
SetFontEnumeration
SetMiterLimit
EnableEUDC

kernel32

GetModuleFileNameA
LCMapStringA
GetFileType
ReadFile
GetEnvironmentStringsW
TlsSetValue
EnterCriticalSection
VirtualFree
GetCurrentThreadId
LCMapStringW
GetLocalTime
GetStringTypeW
GetCurrentProcess
GetTickCount
LoadLibraryA
GetCurrentThread
SetConsoleCursorInfo
GetTimeZoneInformation
QueryPerformanceCounter
InterlockedDecrement
HeapReAlloc
GetSystemDirectoryA
MoveFileA
SetLastError
GetWindowsDirectoryW
WritePrivateProfileSectionW
GetModuleHandleA
GetThreadTimes
FreeLibrary
FlushFileBuffers
TlsAlloc
LockFile
SetStdHandle
TlsFree
GetCurrentProcessId
GetCompressedFileSizeW
GetProcAddress
HeapFree
IsBadWritePtr
GetCommandLineA
CloseHandle
EnumDateFormatsA
RtlUnwind
CreateDirectoryA
GetVersion
EnumSystemLocalesA
HeapCreate
SetEnvironmentVariableA
DeleteCriticalSection
WriteFile
VirtualAlloc
GetThreadSelectorEntry
OpenMutexA
GetCPInfo
InterlockedExchange
FreeEnvironmentStringsW
GetModuleHandleW
HeapAlloc
CreateWaitableTimerA
EnumSystemCodePagesA
InitializeCriticalSection
GetStdHandle
MoveFileW
GetLastError
ExitProcess
GetStringTypeA
CreateMutexA
SetFilePointer
TerminateProcess
GetStartupInfoA
TlsGetValue
VirtualQuery
HeapValidate
LeaveCriticalSection
CompareStringA
HeapDestroy
GetEnvironmentStrings
GetSystemTimeAsFileTime
OpenWaitableTimerA
SetHandleCount
WideCharToMultiByte
GetACP
FreeEnvironmentStringsA
UnhandledExceptionFilter
CompareStringW
MultiByteToWideChar
InterlockedIncrement
GetOEMCP
GetSystemTime

advapi32

CryptSetProviderExA
InitiateSystemShutdownW
RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyExA
RegSetValueExW
CryptGetDefaultProviderW
LookupSecurityDescriptorPartsA
LogonUserA
CryptEnumProviderTypesW
RegDeleteValueA
RegRestoreKeyA
CryptSetProviderA
CryptSetProviderExW
CryptGetKeyParam
CreateServiceW
CryptExportKey
LookupAccountSidW
LogonUserW
GetUserNameW
CryptVerifySignatureW
RegFlushKey
RegQueryMultipleValuesA
AbortSystemShutdownA
RegNotifyChangeKeyValue

user32

SwapMouseButton
GetClassInfoExA
CharPrevExA
GetClipboardViewer
CreateMenu
ToAscii
GetDialogBaseUnits
GetLastActivePopup
GetWindowRgn
EnumPropsExW
RegisterClassExA
DdeAccessData
PeekMessageA
GetMenuCheckMarkDimensions
MessageBoxExW
CreateDialogParamW
SendIMEMessageExW
DragObject
DrawTextExA
EnumDisplaySettingsExA
IsWindowUnicode
RegisterClassA
DestroyWindow
DdeKeepStringHandle
IsDialogMessageW
GetTabbedTextExtentW
ClientToScreen

Sections

.text
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b73dad180ae7315c6cb957fb62ec93d

Headers

File Characteristics

Imports

comctl32

gdi32

kernel32

advapi32

user32

Sections

.text Size: 214KB - Virtual size: 213KB

.rdata Size: 5KB - Virtual size: 17KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 214KB - Virtual size: 213KB

.rdata
Size: 5KB - Virtual size: 17KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 5KB - Virtual size: 4KB