0a4124db2d4a2afa83fa81c0206d7d4b

Sharing

Copy URL Twitter E-mail

General

Target

0a4124db2d4a2afa83fa81c0206d7d4b
Size

240KB
MD5

0a4124db2d4a2afa83fa81c0206d7d4b
SHA1

3b7fd1ad756621cae0d6c7aefa8a2953c86c69bc
SHA256

6dc42fb87701d8e256061d8671a623803ccc62564a65f9b4246be392a45a5eb7
SHA512

cacff0baab0b65b35c3bae8caf9adcacaaa24aaac650724bacbc21438507264d62c3088e9bebbcfbacda3351d1a6ed6bd9dec6627b46ebbe26fcbdb859416f0a
SSDEEP

6144:kK4dfM5xManJcqqPoy/9jGcTCFzFVahzqvO1u/:kKOfqMa+1b/96jRfahuvE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a4124db2d4a2afa83fa81c0206d7d4b

Files

0a4124db2d4a2afa83fa81c0206d7d4b
.exe windows:4 windows x86 arch:x86

4bf3df46c0ff162f450586ac2948c2f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PulseEvent
GetLocaleInfoW
EnumResourceLanguagesW
GetEnvironmentVariableW
GetDateFormatA
GetFileAttributesA
HeapAlloc
UnhandledExceptionFilter
MultiByteToWideChar
HeapSize
SetLastError
FormatMessageW
GetStringTypeW
WriteConsoleInputA
LCMapStringW
LeaveCriticalSection
WriteFile
GetFileType
GetLastError
SuspendThread
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
FreeEnvironmentStringsA
GetProfileIntA
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
GetProcAddress
CreateRemoteThread
GetEnvironmentStrings
TlsGetValue
EnumCalendarInfoExW
DeleteCriticalSection
WaitCommEvent
GetStartupInfoW
VirtualQuery
HeapDestroy
TlsFree
IsBadWritePtr
DeleteFileA
GetStringTypeA
SetEnvironmentVariableA
GetCurrentThread
HeapReAlloc
HeapCreate
ExitProcess
SetSystemTime
MapViewOfFile
VirtualAlloc
TlsSetValue
QueryPerformanceCounter
GetCurrentProcess
GetTimeZoneInformation
GetModuleHandleA
GetCPInfo
GetSystemInfo
GetTimeFormatA
GetCurrentThreadId
IsValidCodePage
VirtualProtect
CompareStringW
GetCommandLineA
GetCurrentProcessId
GetModuleFileNameA
GetUserDefaultLCID
CompareStringA
EnterCriticalSection
GetTickCount
GetOEMCP
MoveFileA
GetACP
LCMapStringA
InitializeCriticalSection
RtlUnwind
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
InterlockedExchange
GetVersionExA
lstrcmpi
SetFileTime
GetCommandLineW
WideCharToMultiByte
GetModuleFileNameW
GetStdHandle
HeapFree
TerminateProcess
LoadLibraryA
CreateToolhelp32Snapshot
TlsAlloc
VirtualFree
DeleteFiber

wininet

InternetConfirmZoneCrossingW
InternetGetCertByURL
InternetSetOptionExW
FtpGetFileSize
CreateUrlCacheContainerW
InternetSecurityProtocolToStringA
CommitUrlCacheEntryW
InternetGetCookieW
DeleteIE3Cache
SetUrlCacheGroupAttributeA
InternetTimeToSystemTimeA
FreeUrlCacheSpaceW
InternetCloseHandle
InternetTimeToSystemTime
DeleteUrlCacheEntryW
IsHostInProxyBypassList

gdi32

GetRegionData
SetROP2
CopyMetaFileA
SetSystemPaletteUse
GetDeviceCaps
ColorCorrectPalette
CombineTransform
GetTextFaceA
SetPaletteEntries
GetAspectRatioFilterEx
LineTo
GetBoundsRect
GetCharWidth32A
CreatePalette
CreatePenIndirect
EnumFontFamiliesW
CreateBitmap
SetColorSpace
DeleteObject
GetBkMode
SetPixelFormat
SetBkColor
AbortDoc
CreatePolygonRgn
GetSystemPaletteEntries

advapi32

CryptSetProviderExA
CryptHashSessionKey
CryptGetUserKey
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyW
RegSetValueW
CryptReleaseContext
RegLoadKeyA
ReportEventA
CryptDecrypt
RegQueryMultipleValuesA
LookupAccountNameW
LookupPrivilegeValueA
RegReplaceKeyA

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bf3df46c0ff162f450586ac2948c2f3

Headers

File Characteristics

Imports

kernel32

wininet

gdi32

advapi32

Sections

.text Size: 99KB - Virtual size: 99KB

.data Size: 135KB - Virtual size: 158KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 99KB - Virtual size: 99KB

.data
Size: 135KB - Virtual size: 158KB

.rsrc
Size: 5KB - Virtual size: 4KB