0a32290f8d6ebe85448c6e11bdaa5ab2

Sharing

Copy URL Twitter E-mail

General

Target

0a32290f8d6ebe85448c6e11bdaa5ab2
Size

182KB
MD5

0a32290f8d6ebe85448c6e11bdaa5ab2
SHA1

0683a0f9dd247396f54befa51b85bf11768a7bce
SHA256

b4af3bddff91c407af7c291713c3af5ab1aa0cbf3dc4cc5ef01d7937e35c52b5
SHA512

f1cefd79f15ac4c7e3e257b0b6b6922c8536c767a50f97baa3358fd30c6a51a7c8d5b65e3e475935e92f65f9b6b19b8357a866fd7b43deb5739a06c3ac83bd41
SSDEEP

3072:e9SFqoXR/ekMfyC8iAErvcyDixKuJVR7adoyGYpqC0NGIbZMAvgQk:FFqo5YCiPPixF7Rtyl8N/pvgX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a32290f8d6ebe85448c6e11bdaa5ab2

Files

0a32290f8d6ebe85448c6e11bdaa5ab2
.exe windows:5 windows x86 arch:x86

c66e48f2e42f7e60b3eb7eb077b9d65b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
strcspn
setlocale
__p__fmode
towupper
wcsncmp
rand
towlower
getc
strtoul
__p__commode
_amsg_exit
strtol
strcpy
atol
remove
_initterm
wcstoul
isdigit
tolower
wcsrchr
clearerr
time
wcscat
wcstombs
fread
system
fputs
_ismbblead
calloc
_XcptFilter
setvbuf
iswdigit
_exit
atoi
exit
_cexit
fseek
__setusermatherr
isxdigit
iswalpha
wcstol
fflush
strncpy
wcscoll
__getmainargs
isprint

kernel32

FindResourceW
GetFullPathNameA
ClearCommBreak
HeapCreate
IsBadWritePtr
GlobalGetAtomNameA
LocalUnlock
LoadLibraryA
GlobalMemoryStatus
GetComputerNameExA
GetComputerNameA
EnumResourceNamesW
FindResourceA
GetThreadLocale
HeapSize
ReleaseMutex
LoadLibraryW
GetHandleInformation
UnhandledExceptionFilter
GetComputerNameExW
GetWindowsDirectoryW
UnlockFile
SetSystemTime
lstrlenW
ReadFile
GetCommandLineA
SetCommBreak
DeleteFileA
VerSetConditionMask
OpenFile
ResetEvent
GlobalMemoryStatusEx
GetProcAddress
DeviceIoControl
GetUserDefaultLCID
FindResourceExW
HeapAlloc
GetNumberFormatA
SetNamedPipeHandleState
GetBinaryTypeW
GetThreadTimes
OpenFileMappingW
GetCommModemStatus
IsValidLocale
HeapValidate
SetMailslotInfo
OpenEventW
GlobalGetAtomNameW
GlobalAlloc
GetCompressedFileSizeW
LoadLibraryExA
HeapFree
OpenFileMappingA
CreateMailslotW
GetCurrentThreadId
CreateEventA

comdlg32

FindTextW
PrintDlgW
GetFileTitleW
ReplaceTextW
CommDlgExtendedError
ChooseFontW

user32

ReleaseDC
GetSysColorBrush
SetMenu
EndDialog
SetWindowLongA
CreateIconFromResource
PeekMessageA
SwitchToThisWindow
BeginDeferWindowPos
GetDC
GetClassInfoA
OemToCharA
PostMessageW
TranslateMessage
CreatePopupMenu
GetKeyboardType
RedrawWindow
ActivateKeyboardLayout
OffsetRect
SetScrollInfo
GetClassNameW
GetMessageTime
GetWindowLongW
GetMenuItemID
EnumThreadWindows
CharToOemBuffA
DestroyCaret
RegisterClassW
IsCharAlphaNumericW
GetWindowDC
RemovePropW
GetMonitorInfoW
GetUpdateRect
CreateDialogIndirectParamW
CopyImage
GetSysColor
CopyRect
AllowSetForegroundWindow
LoadAcceleratorsW
DestroyIcon
ShowScrollBar
InvertRect
GetDoubleClickTime
ModifyMenuW
DialogBoxParamW
DefFrameProcA
GetWindowTextLengthW
DrawFrameControl
ShowCursor
DrawTextExW
SendMessageW
TrackPopupMenuEx
DrawIcon
EnumWindows
LoadAcceleratorsA
wvsprintfW
GetClassInfoExW
LoadIconA
SetWindowPos
CheckRadioButton
SetUserObjectInformationW
SetClassLongW
FindWindowW
FindWindowExW
GetMenuItemInfoW
IsChild
IsZoomed
GetSubMenu
InsertMenuW
EndPaint
DrawAnimatedRects
SetCaretPos
InvalidateRgn
AppendMenuW
MessageBoxW
GetDlgItem
SetFocus
SetWindowLongW
LoadImageA
SetScrollPos
wvsprintfA
MonitorFromRect
LoadCursorW
CreateCaret
DefFrameProcW
CharNextExA
SetRect
CopyAcceleratorTableW
SendMessageTimeoutA
GetDlgItemTextA
DialogBoxIndirectParamA
DestroyMenu
AdjustWindowRect
IsCharLowerA
BeginPaint
InsertMenuItemW
DefDlgProcW
CreateWindowExW
GetWindowRect
MoveWindow
DrawIconEx
OemToCharBuffA
SendDlgItemMessageW
CharLowerBuffW
LookupIconIdFromDirectory
ShowWindowAsync
ValidateRect
GetKeyboardLayoutList
CascadeWindows
GetPropW
SetWindowPlacement
RegisterClassExW
CharToOemA
LockWindowUpdate
DrawStateW
CharPrevA
InSendMessageEx
DeleteMenu
CharPrevW
GetCursorPos

Exports

Exports

?GetShiftAltInfo@@YGK_KHE:O

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erts
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 1024B - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.info
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c66e48f2e42f7e60b3eb7eb077b9d65b

Headers

File Characteristics

Imports

msvcrt

kernel32

comdlg32

user32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.init Size: 6KB - Virtual size: 5KB

.erts Size: 512B - Virtual size: 86B

.wall Size: 1024B - Virtual size: 186KB

.info Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 2KB

.udata Size: 148KB - Virtual size: 147KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.init
Size: 6KB - Virtual size: 5KB

.erts
Size: 512B - Virtual size: 86B

.wall
Size: 1024B - Virtual size: 186KB

.info
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 2KB

.udata
Size: 148KB - Virtual size: 147KB

.reloc
Size: 1KB - Virtual size: 1KB