0be6b8e75623506836814e2af7d74855

Sharing

Copy URL

Twitter E-mail

General

Target

0be6b8e75623506836814e2af7d74855
Size

501KB
MD5

0be6b8e75623506836814e2af7d74855
SHA1

c1cf085a5720a7b31692f1262488bdd9520c5d06
SHA256

e760d2e4ed957bb834ae743e8f8dc6d570c6a45577ff7cdc8da7573d619716f6
SHA512

f4d942ad3e8db6787865a7aee25ae0880d004e88087b026e05366138a903addf3353f38c32a19d64d924e4e2bc330d4ffba36827470c837077bff8c9d1853558
SSDEEP

12288:H7gKBvDPOYgDETCDmWJbtPff9RlDqjwRGgA:0SDPOYgDETCDNJbtPXTZ7RGg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0be6b8e75623506836814e2af7d74855

Files

0be6b8e75623506836814e2af7d74855
.exe windows:4 windows x86 arch:x86

6f9d63b01e0a41b508f8b87899c47744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDataFromIDListW
SHLoadInProc
ShellExecuteA
ExtractAssociatedIconExA

comctl32

InitCommonControlsEx

kernel32

FileTimeToDosDateTime
GetModuleHandleA
GetThreadLocale
VirtualAlloc
TlsSetValue
GetStdHandle
TlsGetValue
TlsFree
CompareStringW
HeapFree
GetConsoleMode
SetHandleCount
GetProfileStringA
OpenMutexA
HeapReAlloc
IsValidCodePage
GetLastError
DeleteCriticalSection
HeapSize
LoadLibraryA
HeapDestroy
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentThreadId
HeapCreate
GetLocaleInfoW
SetEnvironmentVariableA
ExitProcess
MultiByteToWideChar
InterlockedDecrement
TerminateProcess
ReadFile
RtlUnwind
Sleep
SetStdHandle
SystemTimeToTzSpecificLocalTime
SetConsoleCtrlHandler
GetModuleFileNameA
GetVersionExA
ReadConsoleOutputCharacterA
GetStartupInfoA
GetCurrentProcessId
WriteConsoleA
CreateDirectoryA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryW
GetProcAddress
CreateMutexA
WideCharToMultiByte
SetFilePointer
GetThreadPriorityBoost
GetDateFormatA
CreateFileA
GetMailslotInfo
SetConsoleTitleA
LeaveCriticalSection
WriteFile
lstrcmpA
GetProcessHeap
LCMapStringA
GetTimeFormatA
VirtualFree
GetUserDefaultLCID
GetStringTypeA
EnumSystemLocalesA
IsDebuggerPresent
GetFileType
FlushFileBuffers
SetTimeZoneInformation
GetEnvironmentStrings
lstrcatW
GetACP
QueryPerformanceCounter
AllocConsole
InitializeCriticalSection
GetTickCount
GetCurrentThread
FreeLibrary
GetOEMCP
CompareStringA
GetProcessAffinityMask
FreeEnvironmentStringsW
lstrcmp
FoldStringW
GetLocaleInfoA
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
GetEnvironmentStringsW
GetTempFileNameA
InterlockedIncrement
GetCommandLineA
GetTempFileNameW
TlsAlloc
IsValidLocale
GetConsoleCP
SetLastError
GetCPInfo
HeapAlloc
EnterCriticalSection
GetSystemTimeAsFileTime
WritePrivateProfileStringA
lstrcpynW
CloseHandle
GetCurrentProcess
VirtualQuery
FreeEnvironmentStringsA

user32

OemKeyScan
GetSysColorBrush
ClientToScreen
ReleaseDC
IsIconic
SendDlgItemMessageW
CreateWindowStationA
OpenDesktopW
EnumDisplaySettingsExW
RegisterClipboardFormatA
CopyImage
LoadImageA
SetClipboardData
SetKeyboardState
SendNotifyMessageA
IsCharLowerW
LookupIconIdFromDirectoryEx
RegisterClassExA
RegisterClassA

Sections

.text
Size: 343KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f9d63b01e0a41b508f8b87899c47744

Headers

File Characteristics

Imports

shell32

comctl32

kernel32

user32

Sections

.text Size: 343KB - Virtual size: 343KB

.rdata Size: 44KB - Virtual size: 61KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 343KB - Virtual size: 343KB

.rdata
Size: 44KB - Virtual size: 61KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 7KB - Virtual size: 6KB