0b55a61cfd8743a37dcf4dab87355c9d

Sharing

Copy URL Twitter E-mail

General

Target

0b55a61cfd8743a37dcf4dab87355c9d
Size

495KB
MD5

0b55a61cfd8743a37dcf4dab87355c9d
SHA1

1f783cbd599668c128e412ec27acb49dd3f7252a
SHA256

3caed7b9f1bf9f625b13280c316839eadad3641f101916be14b16a3a8b5e839a
SHA512

e9d1ab08ddfba814b3911fa3590d99cc700b827dcf8b755b89a9e364bc77960473d488d92785703952146a5e3f658ba5af079e8a61f0d0d9a293df502fa9c5aa
SSDEEP

6144:k2cyXy4xQpG6ugbay3speCmqoWeutJvBoOJr4SNT8C8qZz7QfuwL1vUJ+i5Hv/Ci:I4wLDVspeCmqo5ut5i0JNCmsG2vU3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b55a61cfd8743a37dcf4dab87355c9d

Files

0b55a61cfd8743a37dcf4dab87355c9d
.exe windows:4 windows x86 arch:x86

b697afbd4b976b53fac4a0ef4a218419

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

advapi32

RegDeleteKeyA
LogonUserA
CreateServiceW
RegEnumValueA
RegFlushKey
CryptGetKeyParam

kernel32

SetFilePointer
GetTickCount
GetOEMCP
FreeEnvironmentStringsW
DeleteCriticalSection
Sleep
GetModuleHandleA
EnterCriticalSection
GetStringTypeA
TlsAlloc
CompareStringW
GetSystemTimeAsFileTime
GetUserDefaultLCID
VirtualAlloc
GetLocaleInfoA
InterlockedExchange
FlushFileBuffers
GetEnvironmentStrings
InterlockedDecrement
FileTimeToSystemTime
CreateFileA
GetStringTypeW
GetTimeZoneInformation
GetCurrentThread
CloseHandle
LCMapStringW
HeapCreate
GetCommandLineW
GetModuleFileNameA
FreeEnvironmentStringsA
GetCurrentThreadId
CompareStringA
InitializeCriticalSection
UnhandledExceptionFilter
OpenMutexA
GetShortPathNameW
SetStdHandle
TlsSetValue
IsValidCodePage
GetModuleFileNameW
QueryPerformanceCounter
ReadFile
TerminateProcess
WriteConsoleW
VirtualQuery
SetSystemTime
GetFileType
TlsGetValue
GetConsoleOutputCP
HeapSize
HeapReAlloc
GetCurrentProcessId
SetUnhandledExceptionFilter
GetProcAddress
GetACP
GetConsoleMode
HeapDestroy
GetVersionExA
GetCommandLineA
lstrcmpiA
SetHandleCount
VirtualFree
GetStdHandle
MultiByteToWideChar
HeapFree
SetConsoleCtrlHandler
ExitProcess
CreateMutexA
IsValidLocale
RtlUnwind
EnumSystemLocalesA
SetLastError
GetProcessHeap
GetStartupInfoW
ReadFileEx
GetEnvironmentStringsW
GetCPInfo
InterlockedIncrement
GetConsoleCP
LCMapStringA
HeapAlloc
SetEnvironmentVariableA
WriteConsoleA
GetDateFormatA
SetConsoleActiveScreenBuffer
LeaveCriticalSection
WideCharToMultiByte
FreeLibrary
WriteFile
GetCurrentProcess
LoadLibraryA
TlsFree
IsDebuggerPresent
GetLastError
GetTimeFormatA
GetLocaleInfoW
GetStartupInfoA

gdi32

SetBkMode
ResetDCA
StretchBlt
SetEnhMetaFileBits
GetEnhMetaFileHeader
DeleteDC
SetPaletteEntries
CreateDIBSection
CreatePen
CreateICW
CreateEnhMetaFileA
SetICMProfileA
SetBrushOrgEx
GetArcDirection
PtInRegion
GetCurrentPositionEx
CreateSolidBrush
GetWindowExtEx
InvertRgn
GetCharacterPlacementA
SetFontEnumeration
PlayEnhMetaFile
GetColorAdjustment
PlayMetaFileRecord

user32

LoadStringA
DialogBoxIndirectParamA
RegisterClassExA
GetWindowTextW
CreateIconFromResourceEx
GetMenuItemID
MoveWindow
LoadStringW
MapWindowPoints
DlgDirSelectExA
PostMessageA
UnionRect
ModifyMenuA
WindowFromDC
RegisterClassA
GetInputDesktop
GetMenuItemInfoA
DrawIcon
EnumChildWindows
IsRectEmpty
GetParent

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b697afbd4b976b53fac4a0ef4a218419

Headers

File Characteristics

Imports

comctl32

advapi32

kernel32

gdi32

user32

Sections

.text Size: 160KB - Virtual size: 160KB

.rdata Size: 10KB - Virtual size: 38KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 160KB - Virtual size: 160KB

.rdata
Size: 10KB - Virtual size: 38KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 8KB - Virtual size: 8KB