0aabf37f1ba2e09730c725a5862be27e

Sharing

Copy URL Twitter E-mail

General

Target

0aabf37f1ba2e09730c725a5862be27e
Size

182KB
MD5

0aabf37f1ba2e09730c725a5862be27e
SHA1

884c1784d710f2df2cd0bf5c72a26b746c36a385
SHA256

c73f31c8bb74d88e9c5968c7548db06c7c6e766c787f872687490989590a96b4
SHA512

1a36ba7cfd8710509cf2a187d92db720935b03130ca9dd0d9a74e6217b25b70ed3dc1919f561b67f254000c39f343fc2f671184fad88ce582c6d64d379cb5745
SSDEEP

3072:aKyS1eZ8oTlbLmo+xEQ6aux7QcCmMwT+g2EieJ+X9Qdg+I:aKy8FoZHt+xwZUA+SBi2g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0aabf37f1ba2e09730c725a5862be27e

Files

0aabf37f1ba2e09730c725a5862be27e
.exe windows:4 windows x86 arch:x86

52b06b92d28e7e2252f9501dfa9f4f27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeSetEvent

gdi32

CreateDIBSection
SetStretchBltMode
SelectObject
CreateSolidBrush
GetObjectA
CreateFontA
RealizePalette
CreateCompatibleBitmap
GetStockObject
StretchDIBits
BitBlt
GetDIBits
CreateCompatibleDC
CreateDIBitmap
GetDeviceCaps
SelectPalette
DeleteObject
DeleteDC
ExtEscape
SetBkMode

version

GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

kernel32

CreateFileMappingA
CreateFileA
GetVersionExA
LoadLibraryA
LoadLibraryW
GetTempPathA
EnterCriticalSection
IsBadReadPtr
GetShortPathNameW
OutputDebugStringA
InterlockedDecrement
SetThreadPriority
GetSystemInfo
CreateDirectoryA
LocalFree
DeleteFileA
VirtualProtect
VirtualAlloc
GetModuleFileNameA
GlobalFree
GetCurrentProcessId
SetEvent
InterlockedExchange
WriteProcessMemory
GetSystemTimeAsFileTime
OpenFileMappingA
GetProcAddress
IsBadWritePtr
GlobalReAlloc
GetProcessAffinityMask
HeapAlloc
GlobalLock
InitializeCriticalSection
GetModuleHandleA
GetThreadPriority
lstrcmpiA
LoadLibraryExA
GlobalSize
VirtualQuery
GetTempPathW
WaitForMultipleObjects
EnumResourceTypesW
TerminateProcess
GlobalUnlock
WaitForSingleObject
LeaveCriticalSection
MultiByteToWideChar
lstrcpynA
GetLastError
DeleteCriticalSection
CreateEventA
GetCurrentProcess
GetThreadLocale
_llseek
MapViewOfFile
GetSystemTime
MulDiv
IsDebuggerPresent
CreateSemaphoreA
Beep
GetTickCount
GetModuleFileNameW
ResetEvent
LoadResource
SizeofResource
VirtualFree
GetProcessHeap
GetLocaleInfoA
InterlockedIncrement
DeviceIoControl
FreeLibrary
GetVolumeInformationW
OutputDebugStringW
CreateDirectoryW
WideCharToMultiByte
GetFileAttributesA
HeapFree
FindResourceA
SetEnvironmentVariableW
lstrcpyA
CloseHandle
WriteFile
lstrlenA
GetCurrentThread
GlobalAlloc
ExitProcess
IsDBCSLeadByte
lstrcmpA
Sleep
RaiseException
GetCurrentThreadId
ReadFile
GetACP
FlushInstructionCache
GetDriveTypeW
GetFileAttributesW
QueryPerformanceCounter
CreateThread
lstrlenW

shlwapi

PathFileExistsW
PathCombineW

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

advapi32

RegCreateKeyExA
CryptGetHashParam
CryptDestroyHash
RegEnumKeyExA
RegDeleteValueA
CryptDestroyKey
RegCloseKey
CryptCreateHash
CryptAcquireContextA
CryptImportKey
RegSetValueExA
RegQueryValueExA
CryptEncrypt
RegEnumValueA
RegQueryInfoKeyA
CryptHashData
RegOpenKeyExA
CryptReleaseContext
RegDeleteKeyA

gdiplus

GdipAlloc
GdipCreateBitmapFromFileICM
GdipFree
GdipDisposeImage
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipCloneImage

ole32

OleUninitialize
OleLockRunning
CreateBindCtx
CoInitialize
StgOpenStorage
CoSetProxyBlanket
CoTaskMemRealloc
BindMoniker
CoCreateInstance
StgIsStorageFile
CoUninitialize
GetRunningObjectTable
CLSIDFromProgID
StgCreateDocfile
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CoInitializeSecurity
StringFromGUID2
CreateItemMoniker
CLSIDFromString

user32

DestroyWindow
GetDC
EqualRect
SendMessageA
EndPaint
GetQueueStatus
GetParent
CopyRect
DispatchMessageA
IsWindow
SendMessageTimeoutA
KillTimer
GetWindowTextA
SetCapture
MsgWaitForMultipleObjects
ShowWindow
wsprintfA
PostMessageA
MoveWindow
CreateDialogParamA
GetWindowRect
CharNextA
DefWindowProcA
GetWindowLongA
RegisterClassExA
DrawTextA
LoadCursorA
FindWindowA
PeekMessageA
InvalidateRect
SetParent
GetActiveWindow
RegisterWindowMessageA
PostThreadMessageA
CreateAcceleratorTableA
SetRect
GetFocus
UnregisterClassA
RedrawWindow
SetFocus
InvalidateRgn
wvsprintfA
SetWindowTextA
DestroyAcceleratorTable
CallWindowProcA
GetClassNameA
GetWindowTextLengthA
GetSysColor
BeginPaint
GetClassInfoExA
GetClientRect
ReleaseCapture
IsChild
ReleaseDC
SendNotifyMessageA
SetWindowLongA
SetTimer
CreateWindowExA
FillRect
GetDlgItem
EnumDisplayDevicesA
GetWindow
GetDesktopWindow
SetWindowPos

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52b06b92d28e7e2252f9501dfa9f4f27

Headers

File Characteristics

Imports

winmm

gdi32

version

setupapi

wininet

kernel32

shlwapi

shell32

advapi32

gdiplus

ole32

user32

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 7KB - Virtual size: 6KB

.bss Size: 68KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 240KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 7KB - Virtual size: 6KB

.bss
Size: 68KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 240KB