0b1f4d5dc517b8b73f095250157d3c95

Sharing

Copy URL

Twitter E-mail

General

Target

0b1f4d5dc517b8b73f095250157d3c95
Size

388KB
MD5

0b1f4d5dc517b8b73f095250157d3c95
SHA1

ccb58368c534acbde8645863d1f6e09c1437472b
SHA256

8cfdc8d3f27da86330af75e124661e36c6726bcc1860e70f2d6458ab65017cd2
SHA512

a3ad9c1746dbea5472563a526b60a5dc089fe578e329231b43045ca0666e1d3815d31dae7c3c78911f026b36c35e749fb0adc3540a6e854637830fe9d68ed8b6
SSDEEP

6144:wGQK0hfbaBA5vheHJtssAHjT830g5NMP22jrgu+/dUEHJD86WA1y/Ee:6b6A54JtssADTXJ+dU+hRWD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b1f4d5dc517b8b73f095250157d3c95

Files

0b1f4d5dc517b8b73f095250157d3c95
.exe windows:4 windows x86 arch:x86

3786e77ef1e3cbc71e22f028772afe26

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegCloseKey
RegSetValueExA

kernel32

UnmapViewOfFile
IsValidCodePage
GetEnvironmentStrings
GetCurrentThreadId
GlobalLock
GetACP
lstrcpynA
CloseHandle
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
HeapCreate
GetLastError
InterlockedIncrement
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
RemoveDirectoryA
ExpandEnvironmentStringsA
DuplicateHandle
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
FindFirstFileA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
SetEvent
GetWindowsDirectoryA
GetModuleHandleW
CreateDirectoryA
LCMapStringW
GetFileSize
DeleteFileA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
VirtualFree
GetVersion
SetEndOfFile
CreateEventW
VirtualQuery
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
GetStartupInfoA
CreateFileA
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
GetExitCodeProcess
FormatMessageW
LocalFree
GetOEMCP
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
LoadLibraryW
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetFileAttributesW
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetCurrentThread
RtlUnwind
FatalAppExitA
IsBadWritePtr
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
Sleep
FindResourceA
GetCommandLineA
lstrlenA
VirtualAlloc
LeaveCriticalSection

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen

gdi32

SetBkMode
SelectObject
GetDeviceCaps
DeleteObject
CreateSolidBrush

user32

SetCursor
CallWindowProcA
GetClientRect
SendMessageA
InvalidateRect
IsWindowVisible
SystemParametersInfoA
GetKeyState
GetSysColor
MessageBoxA
GetFocus
EndDialog
ReleaseDC
SetForegroundWindow
GetDesktopWindow
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
CreateWindowExA
GetWindowLongA
SetWindowLongA
ReleaseCapture
SetCapture
GetWindowRect
EnableMenuItem
GetSystemMetrics
DefWindowProcA
BeginPaint
SetFocus
EndPaint
DispatchMessageA
FillRect
SetTimer
GetSubMenu
RegisterClassA
IsIconic
TranslateMessage
SetWindowPos
EnableWindow
ShowWindow
UpdateWindow
GetParent
DestroyWindow
TrackPopupMenu
GetDC
IsWindow
PostQuitMessage

Sections

.text
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3786e77ef1e3cbc71e22f028772afe26

Headers

File Characteristics

Imports

advapi32

kernel32

oleaut32

gdi32

user32

Sections

.text Size: 332KB - Virtual size: 329KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 704B

.text
Size: 332KB - Virtual size: 329KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 704B