0bf2de65ea1d61fba8c7b88701b22506

Sharing

Copy URL Twitter E-mail

General

Target

0bf2de65ea1d61fba8c7b88701b22506
Size

247KB
MD5

0bf2de65ea1d61fba8c7b88701b22506
SHA1

1172775969afa7fd92579f7724aafdcd6a49eda9
SHA256

229da27074471bc5d3e1db9e9d5090108eac4e337b29395021c07a2068673baf
SHA512

9bc43189b3ce4fa9932d3b8d53b47808eb41a9a2d2ad63915b467f606dfeac54cdf31642756b2c4c28c86783c139e95aefbcffc90d7c1447ad0d50f739a2db64
SSDEEP

6144:3R1dX9sPRHA6E29LxYtRDKwd3lqkFpNUWSRQ/:pYRgS1Ytlxd1qYpNUWSa/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bf2de65ea1d61fba8c7b88701b22506

Files

0bf2de65ea1d61fba8c7b88701b22506
.exe windows:4 windows x86 arch:x86

3b062d73e4b0917c37d1ca164bdc12b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptContextAddRef
CreateServiceA
LogonUserW
RegSetValueExA
CryptSetProviderW
RegQueryValueExA
InitiateSystemShutdownW
CryptDestroyKey
AbortSystemShutdownA
CryptDestroyHash
RegCreateKeyA
RegDeleteKeyA

shell32

CheckEscapesW
DragAcceptFiles
SHFileOperationA
RealShellExecuteA
SHChangeNotify
ShellAboutA
SHGetDataFromIDListA
InternalExtractIconListW
FindExecutableW
SHBrowseForFolderW
DoEnvironmentSubstA
DragQueryPoint
DragQueryFileA

wininet

HttpQueryInfoW
InternetUnlockRequestFile
SetUrlCacheConfigInfoW
SetUrlCacheEntryInfoA
RetrieveUrlCacheEntryFileA
CommitUrlCacheEntryW
SetUrlCacheHeaderData
ShowCertificate
SetUrlCacheEntryGroupA
FtpPutFileEx
InternetDialA
FtpDeleteFileW
RetrieveUrlCacheEntryStreamA
GopherFindFirstFileW
DetectAutoProxyUrl
GopherCreateLocatorA
HttpAddRequestHeadersW
InternetConnectA
InternetCheckConnectionA
InternetFindNextFileA
FtpGetFileSize
GopherOpenFileW
FindNextUrlCacheContainerA

comdlg32

ChooseColorW
GetFileTitleA
ChooseColorA
GetOpenFileNameA
PrintDlgW
GetSaveFileNameA
ReplaceTextA
FindTextA
ChooseFontW
GetOpenFileNameW
GetSaveFileNameW
PrintDlgA
ReplaceTextW
FindTextW

kernel32

FreeLibrary
TlsAlloc
GetTickCount
GlobalGetAtomNameA
HeapAlloc
TerminateProcess
GetStdHandle
GetCurrentThread
GetFileType
InterlockedIncrement
GetEnvironmentStringsW
TlsSetValue
GetStartupInfoA
FindFirstFileW
HeapFree
CompareStringA
EnterCriticalSection
VirtualQuery
GetCPInfo
SetConsoleCtrlHandler
FileTimeToLocalFileTime
HeapReAlloc
GetModuleHandleA
GetTimeFormatA
IsValidLocale
MultiByteToWideChar
GetTimeFormatW
GetOEMCP
GetLastError
WriteFile
GetLocaleInfoA
TlsFree
GetModuleFileNameW
SetLastError
GetStartupInfoW
LeaveCriticalSection
GetStringTypeW
GetCurrentProcessId
UnhandledExceptionFilter
Sleep
HeapSize
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
LCMapStringA
RtlUnwind
SetEnvironmentVariableA
GetDateFormatA
InterlockedDecrement
GetCurrentProcess
GetSystemTimeAsFileTime
HeapCreate
EnumSystemLocalesA
GetTimeZoneInformation
GetProcAddress
CompareStringW
VirtualAlloc
VirtualFree
SetUnhandledExceptionFilter
lstrcpyn
InterlockedExchange
HeapDestroy
FreeEnvironmentStringsW
GetCommandLineW
WriteProfileSectionW
GetACP
LoadLibraryA
SetHandleCount
ExitProcess
CreateFileA
GetStringTypeA
DeleteCriticalSection
WideCharToMultiByte
QueryPerformanceCounter
GetUserDefaultLCID
IsValidCodePage
IsDebuggerPresent
LCMapStringW
GetModuleFileNameA
GetModuleHandleW
TlsGetValue
GetLocaleInfoW

gdi32

StartDocW
DescribePixelFormat
CopyEnhMetaFileA
EnumObjects
CreateDIBSection
GetDeviceGammaRamp
EnumMetaFile
GetBkColor
GetICMProfileA
CreateColorSpaceA
CreateEllipticRgn
IntersectClipRect
GdiPlayJournal
CreateEnhMetaFileA
CreateEnhMetaFileW
GetDeviceCaps
SetBkMode
Polygon

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b062d73e4b0917c37d1ca164bdc12b4

Headers

File Characteristics

Imports

advapi32

shell32

wininet

comdlg32

kernel32

gdi32

Sections

.text Size: 122KB - Virtual size: 121KB

.data Size: 113KB - Virtual size: 139KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 122KB - Virtual size: 121KB

.data
Size: 113KB - Virtual size: 139KB

.rsrc
Size: 11KB - Virtual size: 11KB