Static task: static1
Behavioral task: behavioral1
Sample: 0b789ef34b450069c903bbb9c2d14793.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0b789ef34b450069c903bbb9c2d14793.exe
Resource: win10v2004-20231222-en
General
- Target: 0b789ef34b450069c903bbb9c2d14793
- Size: 11KB
- MD5: 0b789ef34b450069c903bbb9c2d14793
- SHA1: 24a9ba21ef9d2bcc3ca9965483f424ad03c4fe8e
- SHA256: 6825b9593f4ff20c94119fd123577d935b1a10bef0d373b5f654e52bf7ffe6e1
- SHA512: 63e5f67ec36f0e082382496142db323990da558c6a4111fbccc6d23d6ebe387d791f92d6b0dfeffa423aca2d89116ce9662662eaab428042276581ad8d4e01d6
- SSDEEP: 192:l8clHCYzD52PjP10S2W9Y9iLVL6pgvNZve:5l1zD5ej79CpuNZv
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 0b789ef34b450069c903bbb9c2d14793
Files
- 0b789ef34b450069c903bbb9c2d14793.exe windows:4 windows x86 arch:x86
  41b373c08c5aab8c0bfc778061d7a644
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
- ole32: OleUninitialize, OleInitialize, CreateStreamOnHGlobal, CoCreateInstance
- kernel32: LoadLibraryA, GetDriveTypeA, GetFileSize, GetLastError, GetLocalTime, CloseHandle, CreateFileA, CreateFileMappingA, CreateToolhelp32Snapshot, ExitProcess, GetComputerNameA, GetCurrentDirectoryA, GetCurrentProcess, lstrlenA, lstrcpyA, lstrcmpA, lstrcatA, WriteFile, WideCharToMultiByte, UnmapViewOfFile, Sleep, ReadFile, Process32Next, Process32First, OpenProcess, MultiByteToWideChar, MapViewOfFile, LocalFree, LocalAlloc, GetLocaleInfoA, GlobalMemoryStatus, GlobalFree, GlobalAlloc, GetWindowsDirectoryA, GetVolumeInformationA, GetVersionExA, GetTempPathA, GetSystemDirectoryA, GetProcAddress, GetModuleFileNameA, GetLogicalDrives, GetDiskFreeSpaceA
- user32: ReleaseDC, GetDC, wsprintfA
- oleaut32: SafeArrayAccessData, SysFreeString, SysAllocString, SafeArrayUnaccessData, SafeArrayDestroy, SafeArrayCreateVector
- advapi32: GetUserNameA, OpenProcessToken, RegSetValueExA, RegQueryValueExA, RegOpenKeyExA, RegOpenKeyA, RegEnumValueA, RegEnumKeyExA, RegCloseKey, AdjustTokenPrivileges, LookupPrivilegeValueA
- shlwapi: StrStrIA
- wsock32: send, recv, WSAStartup
- gdi32: GetDeviceCaps
Sections
- .text (Size: 5KB - Virtual size: 5KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata (Size: 2KB - Virtual size: 2KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data (Size: 2KB - Virtual size: 151KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE