0b2a9aab858572e029a51c09b6a35aed

Sharing

Copy URL Twitter E-mail

General

Target

0b2a9aab858572e029a51c09b6a35aed
Size

124KB
MD5

0b2a9aab858572e029a51c09b6a35aed
SHA1

1124441256725ee5fb545f48638c09f0f0ba69f6
SHA256

ee0f11c92635fabca269fba917fb1ee432a78eab4761ab01848745f95171eabb
SHA512

c6e08aebf3c15c5af4c30d54f2bc5d38ca7f5e8780c81e0f82d7f33f66d6cf180ea80b204f7072ed8545e8c131ee50de746e5a8977a56f4a2a856044b9abb982
SSDEEP

1536:slnMg9bWAdy4nHfUHD28+wK3cotuFDcF4DfQKRx50KVT4iKEFXvxKqHslMTkbD:slNsAdy4n/UKw0co9FMfQeN/Xeyg7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b2a9aab858572e029a51c09b6a35aed

Files

0b2a9aab858572e029a51c09b6a35aed
.exe windows:4 windows x86 arch:x86

65d3499192d0cf1a7f4ab82e4cf927a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
MapViewOfFile
CreateFileMappingA
CloseHandle
GetFileSize
CreateFileA
SetFileAttributesW
MultiByteToWideChar
lstrlenA
CopyFileA
DeleteFileA
GetFileTime
FindNextFileA
SetFileAttributesA
lstrcpynA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
ReleaseMutex
WaitForSingleObject
lstrcmpiA
GetModuleFileNameA
GetTempFileNameA
GetTempPathA
ReadFile
SetFilePointer
CreateDirectoryA
GetCurrentProcess
FormatMessageA
GetLastError
ExitProcess
UnmapViewOfFile
SetCurrentDirectoryA
GetWindowsDirectoryA
SetFileTime
SystemTimeToFileTime
CreateProcessA
GetSystemDirectoryA
lstrcmpA
GetVersion
CreateThread
CreateMutexA
CreateSemaphoreA
Sleep
VirtualFree
VirtualAlloc
SizeofResource
LockResource
LoadResource
FindResourceA
GetDriveTypeA
GetLogicalDriveStringsA
ReleaseSemaphore
OpenSemaphoreA
GetComputerNameA
GetShortPathNameA
CompareStringW
SetEnvironmentVariableA
CompareStringA
SetEndOfFile
LoadLibraryA
GetOEMCP
FindFirstFileA
FindClose
GetEnvironmentVariableA
lstrcatA
lstrcpyA
GetSystemTime
SetErrorMode
WinExec
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
HeapAlloc
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
HeapFree
HeapReAlloc
TerminateProcess
WideCharToMultiByte
LCMapStringA

user32

PostQuitMessage
wsprintfA
ShowWindow
DialogBoxParamA
EndDialog

advapi32

RegSetValueExA
RegCloseKey
RegRestoreKeyA
RegOpenKeyExA
RegSaveKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize

shlwapi

PathQuoteSpacesA

ws2_32

WSACleanup
inet_addr
gethostbyname
WSAStartup

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

65d3499192d0cf1a7f4ab82e4cf927a2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

ws2_32

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 60KB - Virtual size: 60KB