0b4b1094bb06cc7c3e1a9e4801ac16db

Sharing

Copy URL Twitter E-mail

General

Target

0b4b1094bb06cc7c3e1a9e4801ac16db
Size

612KB
MD5

0b4b1094bb06cc7c3e1a9e4801ac16db
SHA1

bfead50cb6a179098c82148552f45cbcb2e49143
SHA256

b0e612a7412ba99c8c32658bf8f39b6d92fc4c690026363e8c2c71f9de3f0c83
SHA512

ab888b90ece55117725f85e4c59ffa3424048e9fb2751168366ac28f6849ab4b5c5c0f854c45fca840ab2a1d0fbdcb149949df407354007d4af04814c3df2ffe
SSDEEP

12288:2uREsAW3HOBtGGuos4Zh/wPSPWUS9DixsV5D3VBa:2yPAW3HOTGGuos4gjUS9DesV5jVk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b4b1094bb06cc7c3e1a9e4801ac16db

Files

0b4b1094bb06cc7c3e1a9e4801ac16db
.exe windows:4 windows x86 arch:x86

81d718ddb02e4decb18371f3f0f00a60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateAccelerator
LoadImageA
LoadStringA
GetShellWindow
wsprintfW
WinHelpW
DrawTextW
DragDetect
GetKeyboardLayoutList
GetMenuCheckMarkDimensions
SetFocus
SetClassLongW
DdeConnect
CallWindowProcW
SetSystemCursor
GetDlgItem
GetClassNameW
GetWindowInfo
SetDebugErrorLevel
ShowCursor
FillRect
EnumWindowStationsW
TranslateMDISysAccel
DdeFreeStringHandle
MapWindowPoints
SetTimer
EditWndProc
SetCapture
DestroyMenu
MapDialogRect
FindWindowA
CreateWindowStationA
CreateDialogParamW
GetDlgItemInt
GetMenuStringA
VkKeyScanExA
SetWindowWord
CreateCursor
CreateIcon
SetRect
EnumWindowStationsA
ModifyMenuA
RegisterWindowMessageA
RedrawWindow
SetClipboardData
CharToOemW
GetAsyncKeyState
CheckRadioButton
DdeQueryStringW
WINNLSGetEnableStatus
RegisterClassA
GetDlgItemTextA
HideCaret
RemoveMenu
GetDlgCtrlID
EnumDisplayDevicesW
AdjustWindowRectEx
VkKeyScanA
MessageBoxExW
SetWindowRgn
SetWindowsHookA
IsWindowVisible
PostQuitMessage
OpenInputDesktop
SendIMEMessageExW
UpdateWindow
GetClipboardViewer
GetCaretBlinkTime
SetThreadDesktop
InvalidateRgn
GetMenuItemCount
CharNextA
DdeCmpStringHandles
AppendMenuA
GetCapture
GetKeyboardState
CopyImage
ScrollWindowEx
InsertMenuItemW
GetKeyboardType
GetKBCodePage
GetKeyNameTextA
GetActiveWindow
DdeClientTransaction
RegisterClassExA
GetWindowRgn
CreateMDIWindowA
DefWindowProcW
SetMenuItemInfoA
InvalidateRect
SendMessageTimeoutW
GetCursor

kernel32

GetLongPathNameW
LCMapStringW
GetConsoleCP
GetUserDefaultLCID
SetThreadAffinityMask
SetVolumeLabelA
VirtualUnlock
UnhandledExceptionFilter
GetComputerNameW
GetTempPathA
SetHandleCount
FreeEnvironmentStringsA
InterlockedDecrement
RtlMoveMemory
GetModuleHandleA
GetSystemDefaultLCID
CreateDirectoryA
FreeResource
GetEnvironmentVariableW
GetSystemTimeAsFileTime
ExitProcess
SetStdHandle
GetModuleFileNameA
GetLocaleInfoW
GetStartupInfoW
SetEnvironmentVariableA
ResetEvent
CreateEventA
GetCPInfo
GetLocaleInfoA
GetDateFormatA
GetCurrentProcessId
WriteConsoleA
GlobalHandle
VirtualQuery
LoadLibraryA
TerminateProcess
WaitForMultipleObjects
MultiByteToWideChar
RtlUnwind
LocalUnlock
VirtualAlloc
IsValidCodePage
HeapAlloc
WaitForMultipleObjectsEx
lstrlenW
HeapReAlloc
SetUnhandledExceptionFilter
CreateFileA
GetStartupInfoA
lstrcmpiW
FlushFileBuffers
OpenMutexA
GetFileType
InterlockedExchange
GetEnvironmentStringsW
lstrlenA
SetFilePointer
GetTimeFormatA
InitializeCriticalSection
HeapCreate
GetStringTypeA
GetACP
lstrcatW
EnumResourceNamesA
TlsFree
TlsGetValue
WriteFile
GetEnvironmentVariableA
EnterCriticalSection
WriteConsoleOutputW
GetConsoleOutputCP
IsValidLocale
GetPrivateProfileStringA
GetDiskFreeSpaceExA
GlobalAlloc
GetEnvironmentStrings
EnumSystemLocalesA
FreeEnvironmentStringsW
LeaveCriticalSection
CreateMutexA
GetCommandLineW
HeapDestroy
InterlockedIncrement
GetOEMCP
ReadConsoleW
GetCommandLineA
CompareStringW
IsDebuggerPresent
GetProcAddress
GetTimeZoneInformation
GetCurrentProcess
GetStringTypeW
WaitForSingleObjectEx
CloseHandle
ReadFile
HeapSize
SetLastError
GetCurrentThreadId
LCMapStringA
GetCurrentThread
GetVersionExA
GetTickCount
LoadModule
FoldStringW
TlsSetValue
LoadLibraryW
GetProfileStringW
TlsAlloc
FreeLibrary
GetLastError
GetStdHandle
EnumTimeFormatsW
FormatMessageA
AddAtomW
OpenSemaphoreA
SetThreadContext
VirtualFree
WriteConsoleOutputCharacterW
WriteConsoleW
FindResourceW
WideCharToMultiByte
CompareStringA
QueryPerformanceCounter
HeapFree
LocalFree
lstrcpynA
DeleteCriticalSection
UnlockFile
SetConsoleCtrlHandler
GetProcessHeap
Sleep
WriteProfileSectionA
GetConsoleMode

advapi32

RegReplaceKeyA
RegConnectRegistryW
StartServiceA
RegEnumValueA
RegEnumValueW
RegCreateKeyExW
RegEnumKeyExA
CryptContextAddRef
ReportEventW
RegQueryValueExW

comctl32

CreateStatusWindowA
ImageList_SetFilter
ImageList_Create
ImageList_SetImageCount
ImageList_LoadImageW
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_EndDrag
DrawStatusText
ImageList_GetDragImage
ImageList_SetOverlayImage
ImageList_Duplicate
ImageList_DragEnter
ImageList_Write
CreateToolbarEx
InitMUILanguage
DrawStatusTextA

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81d718ddb02e4decb18371f3f0f00a60

Headers

File Characteristics

Imports

user32

kernel32

advapi32

comctl32

Sections

.text Size: 216KB - Virtual size: 213KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 116KB - Virtual size: 128KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 216KB - Virtual size: 213KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 116KB - Virtual size: 128KB

.rsrc
Size: 20KB - Virtual size: 16KB