0a7199e9d2a5ea69454500e692466c6d

Sharing

Copy URL Twitter E-mail

General

Target

0a7199e9d2a5ea69454500e692466c6d
Size

416KB
MD5

0a7199e9d2a5ea69454500e692466c6d
SHA1

b60b2af4cb564c548f42eb840aaafe6fdd9ef59c
SHA256

c07f1f74096be0d46ca30b39c674887986f93cd4752681d3bbbe41ad966dbb27
SHA512

1775112c0342c7876f23868632b29c9c75346e43874758e2692bba7b1ae0cdc559f894e8cf471d7710bc69c2c4cd4b37ebcaa9d65d5f9c19760cf0a2a2ab692b
SSDEEP

6144:SOkilUbURq7C4bW3vdNpIbSNVr43zoz+XCEQpwVF7a4QKk7Bd:rlcWPvqbSNVr4Dc+XlQmOnz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a7199e9d2a5ea69454500e692466c6d

Files

0a7199e9d2a5ea69454500e692466c6d
.exe windows:4 windows x86 arch:x86

80cbe31e629c57849e3cdcff2828bf57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExW
DestroyWindow
ExcludeUpdateRgn
GetWindowModuleFileNameA
IsCharUpperW
ChangeMenuW
GrayStringW

gdi32

SelectPalette
DrawEscape
SetTextJustification
GetDeviceGammaRamp
ExtCreateRegion
ColorCorrectPalette
CreateColorSpaceW
EnumFontsA
GetFontData
CreateRoundRectRgn
GetCurrentPositionEx
GetCharWidthFloatW
GetBkMode
EnumICMProfilesA
CopyEnhMetaFileA
CreateFontIndirectW

wininet

InternetSetDialStateW
SetUrlCacheEntryInfoW
InternetSetCookieW
InternetCanonicalizeUrlA
InternetDial
RetrieveUrlCacheEntryStreamA
InternetTimeToSystemTimeA
InternetTimeFromSystemTimeA
InternetSecurityProtocolToStringA
RetrieveUrlCacheEntryFileW
InternetCheckConnectionW
FtpRemoveDirectoryW
FindFirstUrlCacheGroup
RegisterUrlCacheNotification
ShowSecurityInfo
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
InternetCrackUrlA
UnlockUrlCacheEntryFile

shell32

SHInvokePrinterCommandA
DoEnvironmentSubstA
SHGetFileInfoW
SHFormatDrive
ExtractIconW
SHLoadInProc
SHGetSettings
SHGetSpecialFolderLocation
ShellExecuteEx
ShellExecuteA
SHGetFileInfo
RealShellExecuteA
DragQueryFileAorW
RealShellExecuteExW
ExtractIconExW
SHBrowseForFolder
SHAddToRecentDocs
SHEmptyRecycleBinW
DragQueryFile
SheChangeDirA
FindExecutableW
ExtractAssociatedIconA
SHGetDesktopFolder

kernel32

GetModuleHandleA
GetUserDefaultLCID
CreatePipe
GetOEMCP
TerminateProcess
GetStringTypeA
WriteFile
ExitProcess
Sleep
GetEnvironmentStringsW
GetEnvironmentStrings
SetConsoleCtrlHandler
TlsAlloc
SetHandleCount
LocalSize
TlsFree
GetTickCount
WaitNamedPipeA
FoldStringW
FileTimeToLocalFileTime
WaitForSingleObject
GetTimeFormatA
LeaveCriticalSection
GetACP
GetEnvironmentStringsA
RtlUnwind
LCMapStringW
UnhandledExceptionFilter
EnumCalendarInfoExW
DeleteCriticalSection
GetLastError
ContinueDebugEvent
GetStringTypeW
ReadConsoleOutputAttribute
GetCommandLineA
GetLocaleInfoW
HeapDestroy
FreeLibrary
LCMapStringA
InterlockedDecrement
GetFileType
GetTimeZoneInformation
GetModuleFileNameA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
ReadConsoleOutputCharacterW
GetDateFormatA
WideCharToMultiByte
HeapCreate
LocalReAlloc
TlsGetValue
GetCurrentThreadId
SetLastError
GetCurrentDirectoryW
FreeEnvironmentStringsW
HeapAlloc
FreeEnvironmentStringsA
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
CompareStringW
LoadLibraryA
GetStartupInfoA
MultiByteToWideChar
InterlockedExchange
QueryPerformanceCounter
GetCurrentProcess
GetCurrentThread
VirtualFree
GetCPInfo
InterlockedIncrement
CompareStringA
HeapSize
SuspendThread
IsValidCodePage
GetPrivateProfileStringA
HeapFree
HeapReAlloc
GetProcAddress
VirtualQuery
GetCurrentProcessId
GetCompressedFileSizeA
DeleteFileA
WriteConsoleInputW
TlsSetValue
IsValidLocale
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
VirtualAlloc
GetStdHandle
EnumSystemLocalesA

advapi32

RegOpenKeyA
RegFlushKey
RegQueryValueExW
CryptExportKey
RegDeleteValueA
RegEnumKeyA
LookupAccountNameW
RegReplaceKeyW
CryptHashData

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80cbe31e629c57849e3cdcff2828bf57

Headers

File Characteristics

Imports

user32

gdi32

wininet

shell32

kernel32

advapi32

Sections

.text Size: 130KB - Virtual size: 130KB

.data Size: 274KB - Virtual size: 274KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 130KB - Virtual size: 130KB

.data
Size: 274KB - Virtual size: 274KB

.rsrc
Size: 10KB - Virtual size: 9KB