0b5bb7068dddbade3ff6e747eaa7a619

Sharing

Copy URL Twitter E-mail

General

Target

0b5bb7068dddbade3ff6e747eaa7a619
Size

651KB
MD5

0b5bb7068dddbade3ff6e747eaa7a619
SHA1

bce86b4614c630256c7b63e121c612c78a45ceca
SHA256

038b36918603300a3356d6765e3ac4a6fc5a0183fe2b58b1691c552948d77ad7
SHA512

d0a0bd6b8af0ca16857d3e12679a900e6e372b0d7a998b75decd60966a2e7ecacc0261551f898a03eb4d2826e72e0a699f2b4fa6f0beeaa367bac5c21a6f702a
SSDEEP

12288:Awvxz14bkJ29gzHKhOLvAejW8YXHzwAo2lNHD86pPBpBW60813BU+xVFENubHhs:AYxzGbo29gzOOLbjW8kHvj86bpBW6v13

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b5bb7068dddbade3ff6e747eaa7a619

Files

0b5bb7068dddbade3ff6e747eaa7a619
.exe windows:4 windows x86 arch:x86

1c657a8a1ff89e145b1ce61baea9cfa4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcW
CheckRadioButton
ExcludeUpdateRgn
RegisterClassExA
HideCaret
ImpersonateDdeClientWindow
CopyIcon
SwitchToThisWindow
PostMessageA
OpenClipboard
GetKBCodePage
SetMenuItemInfoW
LoadCursorA
IsDlgButtonChecked
DdeFreeStringHandle
GetMenuDefaultItem
TabbedTextOutW
RegisterClassA
DdeDisconnect
InvertRect
TrackMouseEvent
OpenDesktopW
GetWindowDC
UnhookWinEvent

comctl32

InitCommonControlsEx

advapi32

RegQueryInfoKeyW
RegSetKeySecurity
LookupPrivilegeDisplayNameA
CryptHashData
CryptSetProvParam
RegOpenKeyW
CryptHashSessionKey
RegSetValueA
CryptDestroyHash
RegQueryValueA

comdlg32

ChooseColorW
ChooseColorA
LoadAlterBitmap

kernel32

HeapAlloc
HeapDestroy
VirtualFree
InitializeCriticalSection
TlsGetValue
SetConsoleCtrlHandler
ReadFile
GetSystemTimeAsFileTime
FreeLibrary
GetStartupInfoW
CompareStringW
LeaveCriticalSection
GetCurrentThread
CreateMutexA
HeapFree
FlushFileBuffers
GetLocaleInfoA
SetStdHandle
WriteFile
GetTimeFormatA
GetFullPathNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetOEMCP
SleepEx
GetCommandLineA
GetCurrentProcess
GetEnvironmentStrings
SetHandleCount
GetModuleFileNameA
CreateSemaphoreW
SetFilePointer
EnterCriticalSection
WriteConsoleW
GetCommandLineW
IsValidCodePage
GetCurrentThreadId
GetStartupInfoA
GetTickCount
RtlUnwind
GetFileType
IsDebuggerPresent
GetStringTypeW
OpenMutexA
UnmapViewOfFile
OpenFile
GetCPInfo
TlsSetValue
CloseHandle
GetVersionExA
LCMapStringA
GetTimeZoneInformation
GetModuleHandleA
LCMapStringW
WriteConsoleA
TerminateProcess
GetConsoleOutputCP
VirtualAlloc
GetLocaleInfoW
WideCharToMultiByte
EnumSystemLocalesA
QueryPerformanceCounter
GetACP
IsValidLocale
GetConsoleMode
MoveFileW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetUserDefaultLCID
SetEnvironmentVariableA
GetLastError
Sleep
SetUnhandledExceptionFilter
InterlockedIncrement
SetLastError
GetProcessHeap
ExitProcess
TlsFree
CompareStringA
GetStringTypeA
GetCurrentProcessId
LoadLibraryA
HeapSize
GetTempFileNameW
GetDateFormatA
GetModuleFileNameW
GetProcAddress
CreateFileA
HeapReAlloc
HeapCreate
GetConsoleCP
MultiByteToWideChar
VirtualQuery
DeleteCriticalSection
TlsAlloc
InterlockedDecrement
InterlockedExchange
GetStdHandle

Sections

.text
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c657a8a1ff89e145b1ce61baea9cfa4

Headers

File Characteristics

Imports

user32

comctl32

advapi32

comdlg32

kernel32

Sections

.text Size: 315KB - Virtual size: 315KB

.rdata Size: 10KB - Virtual size: 39KB

.data Size: 321KB - Virtual size: 320KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 315KB - Virtual size: 315KB

.rdata
Size: 10KB - Virtual size: 39KB

.data
Size: 321KB - Virtual size: 320KB

.rsrc
Size: 3KB - Virtual size: 3KB