0ac25d344c8b0b5903f3160aea41b893

Sharing

Copy URL Twitter E-mail

General

Target

0ac25d344c8b0b5903f3160aea41b893
Size

620KB
MD5

0ac25d344c8b0b5903f3160aea41b893
SHA1

25d03e9039dab2c68c280809dde713576d9e7807
SHA256

c3fd96e9688e2fcc432a124de008ee21df5761048e33a29db66180be9d934d86
SHA512

e26a194dc21d9493317ef4e47083fe88a4623da7da1806c5905a92e2019f22d97a0826524446907913c3868214547e105247abf0938430926a4876ee36670ef9
SSDEEP

12288:OUY4iIdwnkF9ponKKVX+AtIUxbo72/AX02IwZWg:7YWinMpon3X+AtI57rbDZWg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ac25d344c8b0b5903f3160aea41b893

Files

0ac25d344c8b0b5903f3160aea41b893
.exe windows:4 windows x86 arch:x86

6842326f442334076f70b4b5bc4b2dde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_SetFlags
DestroyPropertySheetPage
ImageList_GetIcon
InitMUILanguage
ImageList_SetImageCount
ImageList_DragLeave
ImageList_Merge
ImageList_LoadImageW
ImageList_GetDragImage
ImageList_LoadImageA
ImageList_GetBkColor
DrawStatusText
_TrackMouseEvent
ImageList_SetFilter
ImageList_EndDrag
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_GetIconSize
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_SetIconSize
ImageList_SetBkColor

comdlg32

ReplaceTextW
ChooseFontA
ChooseFontW

wininet

InternetQueryDataAvailable
FtpDeleteFileW
FindFirstUrlCacheGroup

kernel32

GetTimeFormatA
GetDiskFreeSpaceExW
RtlUnwind
GetEnvironmentStrings
SetEnvironmentVariableA
WideCharToMultiByte
InterlockedExchange
CreateDirectoryA
CloseHandle
GetCommandLineW
VirtualQuery
ReleaseSemaphore
GetCommandLineA
GetModuleFileNameW
VirtualFree
GetCPInfo
GetFullPathNameA
GetConsoleOutputCP
CompareStringA
GetStartupInfoA
HeapFree
SetHandleCount
GetWindowsDirectoryW
CreateWaitableTimerA
GetNamedPipeHandleStateW
GetOEMCP
IsBadWritePtr
IsValidCodePage
GetUserDefaultLCID
EnumSystemLocalesA
VirtualProtect
LeaveCriticalSection
ReadConsoleOutputW
GetSystemTimeAsFileTime
ReleaseMutex
HeapLock
HeapDestroy
MoveFileExA
GetProcAddress
GetTimeZoneInformation
TlsFree
HeapSize
LCMapStringA
HeapReAlloc
CreateThread
CreateRemoteThread
GetDriveTypeW
GetStringTypeW
GetThreadPriorityBoost
GetNamedPipeInfo
ExitProcess
GetCurrentProcessId
GetVersionExA
CommConfigDialogA
TlsGetValue
SetThreadAffinityMask
FreeEnvironmentStringsW
GetTickCount
CreateFileMappingA
GetACP
GetStartupInfoW
HeapAlloc
LCMapStringW
GetCompressedFileSizeW
CopyFileExA
OpenEventW
GetStdHandle
LoadResource
WriteConsoleOutputW
IsValidLocale
LoadLibraryA
GetCalendarInfoW
GetVolumeInformationW
GetCurrentThreadId
SetLastError
SetFilePointer
SetComputerNameA
FindResourceA
GetFileType
OpenMutexA
DeleteFiber
CompareStringW
CreateMutexA
TerminateProcess
SetStdHandle
GetConsoleCP
WriteProfileStringA
GetLastError
GetDateFormatA
TlsSetValue
QueryPerformanceCounter
UnhandledExceptionFilter
InitializeCriticalSection
FreeEnvironmentStringsA
GetShortPathNameW
GetModuleHandleA
GetEnvironmentStringsW
WritePrivateProfileStructW
VirtualAlloc
EnterCriticalSection
TlsAlloc
HeapCreate
GetCurrentThread
SetCriticalSectionSpinCount
DeleteCriticalSection
MultiByteToWideChar
GetLocaleInfoW
GetLocaleInfoA
OpenMutexW
GetSystemInfo
GlobalFlags
GetCurrentProcess
WriteFile
FlushFileBuffers
GetStringTypeA
ReadFile
GetProcessHeap
SetConsoleCursorInfo
CreateDirectoryExW
GetModuleFileNameA

user32

DestroyWindow
DefWindowProcW
RegisterClassA
SetClassWord
EndTask
DdeQueryConvInfo
VkKeyScanW
SetDlgItemTextA
GetMenu
GetWindowWord
GetClassLongW
MapWindowPoints
ReuseDDElParam
SetActiveWindow
RegisterClassExA
ShowOwnedPopups
DdeCreateDataHandle
GetKBCodePage
DdeDisconnectList
CreateWindowExW
GetAltTabInfo
ActivateKeyboardLayout
DestroyMenu
CloseDesktop
MessageBoxW
ShowWindow
CharLowerW
GetLastActivePopup
CopyAcceleratorTableA
SetMenuItemBitmaps
PostQuitMessage
FindWindowExW

shell32

ExtractIconW
SHGetPathFromIDListW

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6842326f442334076f70b4b5bc4b2dde

Headers

File Characteristics

Imports

comctl32

comdlg32

wininet

kernel32

user32

shell32

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 252KB - Virtual size: 248KB

.data Size: 116KB - Virtual size: 128KB

.rsrc Size: 88KB - Virtual size: 85KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 252KB - Virtual size: 248KB

.data
Size: 116KB - Virtual size: 128KB

.rsrc
Size: 88KB - Virtual size: 85KB