0b9183b5113217997afdb7c23d4cf3fa

Sharing

Copy URL Twitter E-mail

General

Target

0b9183b5113217997afdb7c23d4cf3fa
Size

580KB
MD5

0b9183b5113217997afdb7c23d4cf3fa
SHA1

8ece3f206c9e943e7642b5a81968fe65e0cd589c
SHA256

8448b3e95eac65d92e0768f5e5972f3210a0d6ee19ae56ec85389a78e78c50b4
SHA512

e5653861d39220746cd40679da6f858044d3d2467da0066ab32ed35ee3321c1aee5a1d91d48efee42d72fd51595524c0b32002b6b495f1a4582cd7324b191892
SSDEEP

12288:IqDvRFg4D08QJ3u1nU5FibkVZb5C9NgJJ:IqDzrwLUc66wNgJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b9183b5113217997afdb7c23d4cf3fa

Files

0b9183b5113217997afdb7c23d4cf3fa
.exe windows:4 windows x86 arch:x86

34c26218a01b376c23688f2babde7239

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Copy
ImageList_Write
CreateToolbar
CreateUpDownControl
ImageList_SetFilter
DrawInsert
InitCommonControlsEx
ImageList_SetIconSize
ImageList_GetIcon
ImageList_EndDrag
_TrackMouseEvent
DestroyPropertySheetPage
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_BeginDrag

kernel32

HeapCreate
FlushViewOfFile
GetProcAddress
FreeEnvironmentStringsW
GetFileAttributesW
LCMapStringW
VirtualAlloc
lstrcat
HeapSize
GetCurrentThreadId
lstrcmpiA
GetModuleHandleA
GetACP
HeapAlloc
HeapValidate
GetTimeZoneInformation
TransactNamedPipe
GetCalendarInfoW
CreateProcessA
EnumResourceLanguagesA
GetVolumeInformationW
FindFirstFileExW
GetProfileStringA
EnterCriticalSection
GlobalHandle
IsBadWritePtr
lstrcpyA
GetCommandLineA
SetLastError
CreateFileMappingA
VirtualQuery
HeapFree
GetCurrentProcess
SetHandleCount
lstrlen
GetSystemTime
GetPrivateProfileStructW
GetProfileStringW
GetPrivateProfileSectionNamesA
GetCurrentDirectoryW
CompareStringW
GetDriveTypeW
WaitNamedPipeA
GetOEMCP
GetDiskFreeSpaceA
CompareStringA
SetFilePointer
HeapDestroy
GetTickCount
ReadConsoleOutputW
FindResourceA
EnumSystemLocalesW
UnlockFile
ExitProcess
GetPrivateProfileSectionW
FreeEnvironmentStringsA
VirtualFree
MultiByteToWideChar
AddAtomA
GetVersion
CreateEventA
InitializeCriticalSection
InterlockedDecrement
GetFileType
GetProcAddress
GetCPInfo
CloseHandle
UnhandledExceptionFilter
GetCurrentProcessId
SetEnvironmentVariableA
TlsAlloc
CreateMutexA
FillConsoleOutputAttribute
GetEnvironmentStringsW
GetStringTypeW
OpenMutexA
GetModuleFileNameA
SetLocaleInfoA
WriteConsoleOutputCharacterW
LCMapStringA
FileTimeToSystemTime
CreateWaitableTimerA
TerminateProcess
GetStartupInfoA
DuplicateHandle
GetStdHandle
lstrcatW
GetPrivateProfileStringA
LocalReAlloc
LoadLibraryA
GetStartupInfoW
WideCharToMultiByte
GetEnvironmentStrings
HeapReAlloc
MapViewOfFileEx
WriteConsoleA
GetStringTypeA
QueryPerformanceCounter
GetLastError
CreateDirectoryA
InterlockedIncrement
LeaveCriticalSection
GlobalDeleteAtom
FlushFileBuffers
EnumDateFormatsW
SetLocalTime
FindFirstFileA
GetLocalTime
LocalFree
GetAtomNameA
TlsSetValue
RtlUnwind
GetShortPathNameW
DeleteCriticalSection
lstrcmpi
SetStdHandle
InterlockedExchange
FindResourceExA
ReadFile
LocalFlags
TlsGetValue
GetSystemTimeAsFileTime
TlsFree
GetNamedPipeHandleStateW
lstrlenW
GlobalLock
GetThreadSelectorEntry
FindNextFileA
WriteFile
GetCurrentThread
ExpandEnvironmentStringsW

user32

SetDoubleClickTime
GetKeyNameTextW
GetQueueStatus
UnregisterHotKey
wsprintfW
ShowWindowAsync
BeginDeferWindowPos
GetClipboardOwner
EnumPropsA
RegisterHotKey
GetActiveWindow
ScrollWindowEx
AnyPopup
DrawFocusRect
SetWinEventHook
ClipCursor
DefMDIChildProcW
GetKeyboardLayoutList
SendMessageTimeoutW
GetDialogBaseUnits
DdeQueryConvInfo
DdeClientTransaction
IsCharUpperA
IsRectEmpty
IsWindowVisible
WindowFromPoint
ChangeClipboardChain
GetPriorityClipboardFormat
GetClipboardData
GetMenuStringA
GetMenu
DlgDirListW
VkKeyScanExA
OffsetRect
EnableScrollBar
WindowFromDC
LoadCursorFromFileA
MapDialogRect
EndMenu
AppendMenuW
CreateDialogParamW
GetMenuDefaultItem
GetMenuItemID
ArrangeIconicWindows
GetWindowRgn
GetMenuInfo
BringWindowToTop
RegisterClassExA
RegisterClassA
VkKeyScanW
DestroyCursor
SetCursorPos
GetMonitorInfoW
CharNextW
DdeConnectList
SetMessageExtraInfo
GetCursorPos
SystemParametersInfoW
SetRectEmpty
GetParent
CloseClipboard
SendDlgItemMessageA
SetProcessWindowStation
ScrollWindow
GetClipCursor
GetClassInfoA
IsCharLowerA
MessageBeep
SetWindowsHookExA
WINNLSGetIMEHotkey
DdeUnaccessData
SendNotifyMessageA
GetWindowTextW
ReuseDDElParam
SetPropW
GetInputState
GetClassInfoW
ScrollDC
DdeDisconnectList
SetUserObjectInformationA
DialogBoxParamW
GetMenuState
RealGetWindowClass
ReleaseCapture
GetSystemMetrics
CreateDialogIndirectParamW
GetClassInfoExW
FillRect
SwitchToThisWindow
EnumDisplayDevicesA
GetWindowThreadProcessId
TileChildWindows

wininet

DeleteUrlCacheEntry
GopherOpenFileW
DeleteUrlCacheContainerW
GopherGetLocatorTypeA
FtpDeleteFileW
ShowCertificate
InternetCheckConnectionW

advapi32

RegConnectRegistryA
CryptGetUserKey
CryptSetProvParam
RegCreateKeyW
RegDeleteKeyA
RevertToSelf
CryptHashSessionKey
CryptGetKeyParam
LookupAccountSidW
CryptEnumProviderTypesW
CryptVerifySignatureW

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34c26218a01b376c23688f2babde7239

Headers

File Characteristics

Imports

comctl32

kernel32

user32

wininet

advapi32

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 252KB - Virtual size: 248KB

.data Size: 112KB - Virtual size: 122KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 252KB - Virtual size: 248KB

.data
Size: 112KB - Virtual size: 122KB

.rsrc
Size: 16KB - Virtual size: 12KB