0af28e6c0e9ae01e165cd1ae55200a32

Sharing

Copy URL Twitter E-mail

General

Target

0af28e6c0e9ae01e165cd1ae55200a32
Size

284KB
MD5

0af28e6c0e9ae01e165cd1ae55200a32
SHA1

317aadc2b3f18c79ac9ee336e2bf5a336bcccc31
SHA256

d8d74ebad339b0df27d91def4a34850c645e16b45889925226d613735095f0a1
SHA512

5e48c3f5baabcd319ba5ff339278b72d5f2f3c5395e456a155650cf8dde29bc342c70feb2d9e5269fbb84a482cae5113bc1ca064afe101d0b0a3b81d21a244f9
SSDEEP

6144:geWNGbxjjpxtZaBsQL/GOMfMO22jyqtFYqS:geWNkjpD+se/GO9O22jybT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0af28e6c0e9ae01e165cd1ae55200a32

Files

0af28e6c0e9ae01e165cd1ae55200a32
.exe windows:4 windows x86 arch:x86

747a6d1cce7d87416ffc984861cc65d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQueryEx
ReadProcessMemory
CloseHandle
ResumeThread
LoadLibraryA
GetModuleFileNameA
GetExitCodeThread
TerminateThread
CreateFileA
DeviceIoControl
GetProcessHeap
HeapFree
HeapAlloc
GlobalReAlloc
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
TerminateProcess
Sleep
lstrcpyA
GetVersionExA
GlobalMemoryStatus
GetModuleHandleA
CreateRemoteThread
GetLastError
GetThreadContext
WriteProcessMemory
WaitForSingleObject
GetProcAddress
FreeLibrary
GetStringTypeW
GetFileType
SetHandleCount
SetConsoleCtrlHandler
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
LCMapStringW
FreeEnvironmentStringsA
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
VirtualFree
HeapCreate
VirtualAlloc
HeapReAlloc
ReadFile
HeapDestroy
InterlockedIncrement
GetStringTypeA
SetStdHandle
SetFilePointer
InterlockedDecrement
OpenProcess
WriteFile
GetStdHandle
DebugBreak
GetVersion
GetCommandLineA
GetStartupInfoA
HeapValidate
IsBadReadPtr
IsBadWritePtr
ExitProcess
GetCPInfo
GetACP
FlushFileBuffers
OutputDebugStringA
GetOEMCP
SetEndOfFile
RtlUnwind

user32

RedrawWindow
GetClientRect
ReleaseCapture
SetWindowPos
GetDlgItemTextA
EnableWindow
GetWindowLongA
GetClassNameA
GetSubMenu
IsWindowEnabled
IsWindowVisible
ShowWindow
WindowFromPoint
ChildWindowFromPoint
SetClassLongA
LoadCursorA
LoadIconA
RegisterClassA
DialogBoxParamA
GetWindowRect
GetParent
LoadMenuA
ClientToScreen
EnableMenuItem
GetMessageA
TranslateMessage
DispatchMessageA
GetDlgItem
TrackPopupMenu
ScreenToClient
SetWindowTextA
SetDlgItemTextA
EndDialog
GetWindowThreadProcessId
MessageBoxA
GetCursorPos
CheckDlgButton
SetWindowLongA
IsDlgButtonChecked
IsWindow
PostMessageA
CreateDialogParamA
UpdateWindow
GetMenuItemID
GetMenu
GetDC
ReleaseDC
GetMenuState
ModifyMenuA
SetClipboardData
OpenClipboard
EmptyClipboard
GetWindowTextA
CloseClipboard
IsRectEmpty
SendMessageA
EnumWindows
FindWindowA
RemoveMenu
GetSystemMenu
AppendMenuA
GetWindowPlacement
SetCapture
SetCursor
DestroyMenu
SetWindowPlacement
GetDlgItemInt
GetMenuStringA
GetMenuItemCount
SystemParametersInfoA

gdi32

SelectObject
SetTextColor
CreateFontIndirectA
GetTextColor
GetObjectA
DeleteObject
DeleteDC
BitBlt
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
CreateDCA
StretchDIBits
SetDIBitsToDevice
SetStretchBltMode
RealizePalette
SelectPalette
StretchBlt
GetStockObject
CreatePalette
CreateDIBitmap
GetDIBits
LineTo
MoveToEx
Rectangle
SetROP2
CreatePen
SetBkColor
CreateSolidBrush

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseFontA
ChooseColorA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

ExtractIconA

comctl32

ImageList_Create
ord17
ImageList_SetBkColor
ImageList_ReplaceIcon

Sections

.text
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 832KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

747a6d1cce7d87416ffc984861cc65d6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

Sections

.text Size: 204KB - Virtual size: 204KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 832KB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 36KB - Virtual size: 32KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 204KB - Virtual size: 204KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 832KB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 36KB - Virtual size: 32KB

.reloc
Size: 12KB - Virtual size: 9KB