Static task: static1
Behavioral task: behavioral1
Sample: 0bdbe38bc268a6280dbf9ab0a1741ef5.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0bdbe38bc268a6280dbf9ab0a1741ef5.exe
Resource: win10v2004-20231215-en
General
Target: 0bdbe38bc268a6280dbf9ab0a1741ef5
Size: 97KB
MD5: 0bdbe38bc268a6280dbf9ab0a1741ef5
SHA1: 061ac5ed4a8c77baae5959beb9370a4aa6581d75
SHA256: e1f74a80ec698b9932f267ee6c5a72fb7af70d650abe2bca82daeadf41507c81
SHA512: 932cf1b635c1ff4097184365a07327fcb257759eb4dd783b5eb1a4e594827806f52adeffc5364e3a5784009457ecd77ec2cdf1d8f317c4dfe82e8c90d6e91319
SSDEEP: 3072:C2/kujfq3NSav2tRwzvz598RFZXZyI7/YlaKuPLM:v/xjq3NoRwzF98lhSaKuY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0bdbe38bc268a6280dbf9ab0a1741ef5
Files
0bdbe38bc268a6280dbf9ab0a1741ef5.exe windows:4 windows x86 arch:x86
d4a0a3f75a5dacaa3b665d56c8ff7bc6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetScrollPos
GetMessageA
EnableMenuItem
FrameRect
EnumWindows
PostQuitMessage
SetWindowPos
EqualRect
SetWindowTextA
GetSubMenu
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
kernel32
GetThreadLocale
GetCurrentProcessId
VirtualAllocEx
InterlockedExchange
GetFileAttributesA
GetTempPathA
GetSystemTime
SetUnhandledExceptionFilter
GetACP
QueryPerformanceCounter
GetTickCount
RtlUnwind
GetOEMCP
FileTimeToSystemTime
GetStartupInfoA
GetTimeZoneInformation
ExitProcess
gdi32
GetMapMode
FillRgn
SelectClipPath
SetViewportExtEx
CreateICW
ExcludeClipRect
DPtoLP
CopyEnhMetaFileA
CreateCompatibleBitmap
ole32
CoRevokeClassObject
StgOpenStorage
CoInitialize
CoTaskMemRealloc
DoDragDrop
CoInitializeSecurity
CoCreateInstance
OleRun
StringFromGUID2
advapi32
RegCreateKeyExW
CheckTokenMembership
GetSecurityDescriptorDacl
RegCreateKeyA
AdjustTokenPrivileges
QueryServiceStatus
RegQueryValueExW
CryptHashData
GetUserNameA
FreeSid
msvcrt
_fdopen
_strdup
fflush
_lock
_CIpow
signal
__initenv
_flsbuf
iswspace
fprintf
_mbscmp
__setusermatherr
puts
strcspn
strlen
__getmainargs
strncpy
raise
comctl32
ImageList_GetIcon
ImageList_LoadImageW
InitCommonControls
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_Write
ImageList_DragEnter
ImageList_Destroy
CreatePropertySheetPageA
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_GetBkColor
ImageList_SetIconSize
shell32
DragAcceptFiles
SHBrowseForFolderA
ExtractIconExW
DragQueryFileW
DoEnvironmentSubstW
CommandLineToArgvW
DragQueryFileA
ExtractIconW
SHGetPathFromIDList
ShellExecuteW
ShellExecuteEx
oleaut32
SafeArrayPtrOfIndex
VariantCopy
SafeArrayCreate
SafeArrayPutElement
SysReAllocStringLen
SafeArrayRedim
SafeArrayGetUBound
SafeArrayUnaccessData
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE