0b83e778bd13495af2d6b6e3f2de3460

Sharing

Copy URL

Twitter E-mail

General

Target

0b83e778bd13495af2d6b6e3f2de3460
Size

117KB
MD5

0b83e778bd13495af2d6b6e3f2de3460
SHA1

9f7697d43c3d0899a9d58104d45e7f5b820e4695
SHA256

bce8b3e6d49fb487c1f26f76fe1d06bb56a29f055ff32827f533b56cdbd06ba0
SHA512

971ae1b2c698301db62400d3466c7ec230cc5666b6db7b2244471ada6cbff4defaf0f61e1d689a4da2116added44ddd685ea6d995ce150b3f8b36d3a87190780
SSDEEP

3072:m8iL6pVpwLDi9k9ZW9nkv8dudL9Fvjsp3XzbNVcR:HiLQDwLDOnkcudZxsFdq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b83e778bd13495af2d6b6e3f2de3460

Files

0b83e778bd13495af2d6b6e3f2de3460
.exe windows:5 windows x86 arch:x86

ece8121f5635961c697a3f4546d5deee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

VkKeyScanExW
SetRect
DialogBoxParamW
EnumDisplaySettingsExW
AllowForegroundActivation
GetParent
SetSystemCursor
DisableProcessWindowsGhosting
IsDialogMessageW
DefWindowProcW
GetMenuStringA
IsWindowInDestroy
AppendMenuW
ClipCursor
SetActiveWindow

advapi32

RemoveUsersFromEncryptedFile
RegReplaceKeyA
GetSidIdentifierAuthority
AreAllAccessesGranted
GetEffectiveRightsFromAclW
I_ScSetServiceBitsW
CreateServiceA
RegQueryValueExW
GetSidSubAuthorityCount
SystemFunction014
EnumDependentServicesW
SetSecurityInfoExW
RegSetValueExA
RegEnumValueW
CryptContextAddRef
AdjustTokenPrivileges

gdi32

GetPixel
OffsetRgn
CreateColorSpaceA
EngBitBlt
GdiGetPageHandle
DPtoLP
ExtTextOutW
GetBkColor
ExtEscape
EngPaint
EnumFontFamiliesExA

kernel32

DeleteFileA
PeekConsoleInputW
InterlockedCompareExchange
CreateSemaphoreA
CompareStringW
SetHandleCount
VerSetConditionMask
GetShortPathNameW
FindResourceExA
RtlUnwind
GetConsoleMode
VirtualAlloc
SetConsoleMode
GetTimeZoneInformation
GetComputerNameA
Module32FirstW
GetSystemWindowsDirectoryW
_hread
GetExitCodeThread
CreateDirectoryExW
UpdateResourceA
ShowConsoleCursor
CancelIo
GetCommTimeouts
HeapUnlock
GetProfileStringW
EnumResourceTypesA
SizeofResource
GetThreadSelectorEntry
GetProcessHeap
GetLongPathNameW
GetProcessPriorityBoost
IsBadReadPtr
OpenThread
CreateToolhelp32Snapshot
FindNextFileA
SuspendThread
CreateJobObjectW
CreateFileA
ContinueDebugEvent
GetModuleFileNameW
SetupComm
ConnectNamedPipe
GetCurrentDirectoryA
GetConsoleAliasExesLengthW

Sections

BSS
Size: 34KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 35KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 27KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ece8121f5635961c697a3f4546d5deee

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

Sections

BSS Size: 34KB - Virtual size: 122KB

.bss Size: 35KB - Virtual size: 55KB

DATA Size: 27KB - Virtual size: 59KB

.text Size: 9KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

BSS
Size: 34KB - Virtual size: 122KB

.bss
Size: 35KB - Virtual size: 55KB

DATA
Size: 27KB - Virtual size: 59KB

.text
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB