0b03bfa7c1cbe6a373095ae322093c9b

Sharing

Copy URL Twitter E-mail

General

Target

0b03bfa7c1cbe6a373095ae322093c9b
Size

204KB
MD5

0b03bfa7c1cbe6a373095ae322093c9b
SHA1

5c21e34012d2237759f973b88bdaa3b3106a29f6
SHA256

b38d3c48bb23fc31296b4d6f2a1204b9e4748a0fb33000f3b707dfae027761e5
SHA512

fd5e87f59fbb87b1da2bf10d1f647d66e05f5c183f64af434113c0ab56432fa6878ee39fe29ede3b871defc9295691eebb6632c54083000d61684e26b6bb71be
SSDEEP

3072:oUy2/suZqllHf1ri7cbBQ44DTNzAnOBmPcFlbliJeI/2FJ10UbwTog:oWnqP9OYbBuDiomPN/MJyKwc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b03bfa7c1cbe6a373095ae322093c9b

Files

0b03bfa7c1cbe6a373095ae322093c9b
.exe windows:4 windows x86 arch:x86

9944af471a2e06a3e99aabc5dd2cd097

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
SHGetDiskFreeSpaceA
SHGetDesktopFolder
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetFileInfoA
SHFileOperationA
SHGetDesktopFolder

advapi32

RegLoadKeyA
RegEnumKeyExA
RegDeleteValueA
RegEnumValueA

gdi32

GetPaletteEntries
CreateBitmap

msvcrt

exp
calloc
memcmp
rand
tan
rand
swprintf
tan
log10
strncmp
calloc
log
atan
memset

user32

GetIconInfo
CharToOemA
SetTimer
MapVirtualKeyA
EnumThreadWindows
EnableScrollBar
PeekMessageA
EnableWindow
GetScrollPos
GetMenuItemCount
MsgWaitForMultipleObjects
DrawFrameControl
GetSubMenu
GetParent
SetWindowPos
SetMenu
SetMenuItemInfoA
GetSystemMetrics
DestroyCursor
GetDC
DrawTextA
IsChild
CharLowerA
InsertMenuItemA
GetScrollRange

ole32

CoCreateGuid
CoReleaseMarshalData
StgCreateDocfileOnILockBytes
CreateBindCtx
CoRegisterClassObject
OleCreateStaticFromData
CoRegisterClassObject
OleRun
CoGetContextToken
CoGetObjectContext
CoRevokeClassObject
MkParseDisplayName
StgCreateDocfileOnILockBytes

comctl32

ImageList_Add
ImageList_DragShowNolock
ImageList_Draw
ImageList_GetBkColor
ImageList_Destroy
ImageList_Read
ImageList_DragShowNolock
ImageList_Destroy
ImageList_Draw
ImageList_Create
ImageList_Write
ImageList_Read
ImageList_Add

comdlg32

GetOpenFileNameA
GetFileTitleA

version

GetFileVersionInfoA
VerInstallFileA
VerFindFileA

kernel32

GlobalAlloc
EnumCalendarInfoA
IsBadReadPtr
LoadLibraryExA
GetCurrentProcessId
CreateFileA
lstrcatA
GetLocaleInfoA
IsBadHugeReadPtr
LoadLibraryA
VirtualFree
GetCommandLineW
GetVersionExA
HeapDestroy
lstrcpynA
GetFullPathNameA
lstrlenW
GetTickCount
lstrcpyA
GetModuleFileNameA
GetACP
LocalReAlloc
GetModuleHandleA
GetProcAddress
SetEndOfFile
lstrlenA
GetCommandLineA
VirtualQuery
GetStringTypeW
GetSystemDefaultLangID
GetEnvironmentStrings
ExitProcess
EnterCriticalSection
ExitThread
ReadFile
CloseHandle
CompareStringA
FindClose
SetHandleCount
VirtualAllocEx
MoveFileA
GetProcessHeap
GetFileAttributesA
WriteFile
GetLastError
DeleteCriticalSection
VirtualAlloc
MulDiv
SetLastError
GetDiskFreeSpaceA
FreeLibrary
HeapDestroy
GetCurrentThread
ExitThread
SizeofResource
LocalAlloc
VirtualAlloc
SetLastError
lstrcmpA
lstrlenA
IsBadHugeReadPtr
DeleteCriticalSection
VirtualQuery
GetStdHandle
GetModuleHandleA
MoveFileExA
LoadResource
SetThreadLocale
GetSystemDefaultLangID
VirtualAllocEx
GetUserDefaultLCID
CreateEventA
GetModuleFileNameA
ReadFile
lstrcpyA
GetStringTypeW
GlobalAddAtomA
lstrcmpiA
GetProcAddress
GetCommandLineW
CloseHandle
GetACP
SetHandleCount
FindFirstFileA
GetDateFormatA
EnterCriticalSection
GetStartupInfoA
FreeResource
SetErrorMode
GetTickCount
CompareStringA
SetEndOfFile
CreateThread
GetFileType
RaiseException
SetFilePointer
GetModuleHandleW
FormatMessageA
GlobalAlloc
CreateFileA
GetVersionExA
GetStringTypeA
lstrcpynA
WaitForSingleObject
SetEvent

oleaut32

SysStringLen
GetErrorInfo
SafeArrayGetUBound
VariantCopyInd
SafeArrayPtrOfIndex

shlwapi

SHStrDupA
SHSetValueA
PathIsDirectoryA
SHEnumValueA
PathFileExistsA
SHQueryInfoKeyA
SHQueryValueExA
SHDeleteKeyA
SHGetValueA
PathGetCharTypeA

Sections

CODE
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1001B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ddata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9944af471a2e06a3e99aabc5dd2cd097

Headers

File Characteristics

Imports

shell32

advapi32

gdi32

msvcrt

user32

ole32

comctl32

comdlg32

version

kernel32

oleaut32

shlwapi

Sections

CODE Size: 92KB - Virtual size: 88KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 1001B

.bss Size: 8KB - Virtual size: 6KB

.ddata Size: 72KB - Virtual size: 68KB

.rsrc Size: 8KB - Virtual size: 7KB

CODE
Size: 92KB - Virtual size: 88KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 1001B

.bss
Size: 8KB - Virtual size: 6KB

.ddata
Size: 72KB - Virtual size: 68KB

.rsrc
Size: 8KB - Virtual size: 7KB