0b2ec156a2cf2ad52885ab99c1d040b7

Sharing

Copy URL Twitter E-mail

General

Target

0b2ec156a2cf2ad52885ab99c1d040b7
Size

401KB
MD5

0b2ec156a2cf2ad52885ab99c1d040b7
SHA1

18c00399748449c6dd53e9500931ab5ec482e849
SHA256

128d12d29412d0b6fa81e8999fa4aec3ed07977ba38fd124fa509e4def533851
SHA512

9fd5ab5770aaff8247fcf09ca4aa14d7fda4abb728d13b36bf84a9a44b54f84d5076e716262b4466f7e44048722a5b19a6d85dc7bfb9e1258b9f76f02c029148
SSDEEP

6144:OxSgUthMCB5z2BbahohZo/QHgK56ZAvPJ/MpPtFESDvxYNiYMppWIQBZzK:PjjbDzOahohZoed6uh+DZYNiYM2DBZW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b2ec156a2cf2ad52885ab99c1d040b7

Files

0b2ec156a2cf2ad52885ab99c1d040b7
.exe windows:4 windows x86 arch:x86

86fca1f9ba593057374e2db2f98e0726

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapSize
LocalShrink
GetConsoleCP
GetTimeFormatA
EnterCriticalSection
HeapAlloc
LoadLibraryA
GetACP
TlsGetValue
GetTempFileNameW
GetFileAttributesExA
DeleteCriticalSection
GetEnvironmentStrings
WriteFile
SetLastError
GetCurrentThread
GetVersionExA
HeapCreate
CompareStringA
VirtualProtect
GetLocaleInfoA
HeapDestroy
GetLocaleInfoW
GetNumberFormatA
IsValidCodePage
GetStringTypeW
GetUserDefaultLCID
GetProcAddress
FreeEnvironmentStringsA
GetTimeZoneInformation
HeapFree
GetPrivateProfileStructA
GetLastError
LocalFileTimeToFileTime
IsValidLocale
VirtualQuery
TlsFree
LCMapStringA
UnhandledExceptionFilter
GetDateFormatA
LCMapStringW
FreeEnvironmentStringsW
GetSystemInfo
HeapReAlloc
TlsAlloc
ExitProcess
EnumSystemLocalesA
CompareStringW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetEnvironmentVariableA
GetModuleHandleA
GetStdHandle
LeaveCriticalSection
MultiByteToWideChar
GetCurrentThreadId
VirtualFree
InitializeCriticalSection
GetFileType
GetStringTypeA
GetCurrentProcessId
GetModuleFileNameA
SetHandleCount
GetEnvironmentStringsW
GlobalFree
GetTickCount
IsBadWritePtr
GetCPInfo
GetStartupInfoA
WideCharToMultiByte
TlsSetValue
RtlUnwind
GetOEMCP
GetSystemTimeAsFileTime
InterlockedExchange

gdi32

ScaleWindowExtEx
PolyBezierTo
CreateSolidBrush
GetTextMetricsW
SelectPalette
DPtoLP
GetBitmapDimensionEx
GetCharABCWidthsW
CreateBrushIndirect
PtVisible
StretchDIBits
GetWindowExtEx
TextOutA
CreateColorSpaceA
EnumICMProfilesA
GetRegionData

wininet

FindFirstUrlCacheEntryExA
CreateUrlCacheContainerW
SetUrlCacheConfigInfoA
FtpOpenFileW
InternetFindNextFileA
DeleteUrlCacheGroup
InternetCreateUrlA
InternetQueryOptionW

comdlg32

FindTextW
ChooseColorA
PrintDlgW
GetSaveFileNameW
PageSetupDlgW
ReplaceTextA
ChooseFontA
ChooseFontW
GetFileTitleA
ReplaceTextW
GetOpenFileNameW
PrintDlgA
FindTextA
GetOpenFileNameA
ChooseColorW
GetSaveFileNameA
PageSetupDlgA

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86fca1f9ba593057374e2db2f98e0726

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

comdlg32

Sections

.text Size: 121KB - Virtual size: 121KB

.data Size: 271KB - Virtual size: 271KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 121KB - Virtual size: 121KB

.data
Size: 271KB - Virtual size: 271KB

.rsrc
Size: 7KB - Virtual size: 7KB