0b9dc1f462ced2a2559e8a4654c24ac2

Sharing

Copy URL Twitter E-mail

General

Target

0b9dc1f462ced2a2559e8a4654c24ac2
Size

518KB
MD5

0b9dc1f462ced2a2559e8a4654c24ac2
SHA1

80e527246a05b120f84772ed5a4f2dff78b32761
SHA256

8facfcb6e4d911446fb25462e9657a921545b6b2a1a1170b94cae3071508549d
SHA512

06190e4dc0b4f3f9825b2355b8152eecc08f9de4373e4b94f2c9f0d00b02f1724fcc4a363c5e51fc55671992c3dea60fadb4cfc8604f79c0bda83791054c2f4c
SSDEEP

12288:SwESZ+OwdfAOJdeUNyEstbHN4iynVekgJuaJpPfKsd1+:SwEAgfA0dnNhSN4iynYpL3ts

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b9dc1f462ced2a2559e8a4654c24ac2

Files

0b9dc1f462ced2a2559e8a4654c24ac2
.exe windows:4 windows x86 arch:x86

1e7e2e91d47f5e6d1c4dd21e49eb9c8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefDlgProcW
SetWindowLongA
CreateWindowExA
CharNextW
GetWindowModuleFileNameW
DialogBoxParamA
CreateMDIWindowW
RegisterClassExA
WaitForInputIdle
SetDebugErrorLevel
CharNextA
DestroyIcon
DdeSetQualityOfService
DragObject
RegisterClassA
SetClipboardData
UnhookWindowsHookEx
TileChildWindows
IsCharAlphaNumericW
ShowOwnedPopups
GetMenuState
IntersectRect

wininet

FindNextUrlCacheEntryW
GetUrlCacheEntryInfoA
InternetTimeFromSystemTimeA
FindNextUrlCacheGroup
DeleteUrlCacheGroup
FindFirstUrlCacheEntryExA

comctl32

InitCommonControlsEx

kernel32

GetSystemTimeAsFileTime
DosDateTimeToFileTime
TlsSetValue
HeapReAlloc
IsValidLocale
GetEnvironmentStringsW
GetDateFormatA
GetEnvironmentStrings
GetConsoleOutputCP
MultiByteToWideChar
TlsAlloc
CreateMutexA
GetCurrentProcess
VirtualFree
FreeEnvironmentStringsW
LoadLibraryA
GetProcAddress
EnumTimeFormatsW
TlsGetValue
GetStringTypeW
RtlUnwind
GetOEMCP
GetLocaleInfoA
HeapSize
InterlockedDecrement
GetTimeZoneInformation
CloseHandle
TlsFree
SetUnhandledExceptionFilter
CompareStringW
LCMapStringA
IsDebuggerPresent
FreeLibrary
SetLastError
ExitProcess
GetLastError
GetCurrentThread
VirtualQuery
GetStdHandle
GetCPInfo
HeapDestroy
GetCommandLineA
TerminateProcess
IsValidCodePage
InterlockedIncrement
LCMapStringW
WideCharToMultiByte
WriteConsoleW
ReadFile
GetTickCount
GetACP
GetProcessHeap
OpenMutexA
GetConsoleCP
DeleteCriticalSection
HeapCreate
WriteConsoleA
VirtualAlloc
GetLocaleInfoW
GetProcAddress
SetHandleCount
GetStartupInfoA
GetCurrentThreadId
InterlockedExchange
GetModuleHandleA
Sleep
EnterCriticalSection
GetFileType
GetTimeFormatA
InitializeCriticalSection
WriteFile
GetCurrentProcessId
FreeEnvironmentStringsA
GetUserDefaultLCID
SetStdHandle
LeaveCriticalSection
FlushFileBuffers
SetEnvironmentVariableA
GetModuleFileNameA
SetFilePointer
CreateFileA
UnhandledExceptionFilter
GetVersionExA
GetStringTypeA
QueryPerformanceCounter
CompareStringA
GetConsoleMode
EnumSystemLocalesA
lstrcpy
HeapFree
SetConsoleCtrlHandler
HeapAlloc

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e7e2e91d47f5e6d1c4dd21e49eb9c8a

Headers

File Characteristics

Imports

user32

wininet

comctl32

kernel32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 9KB - Virtual size: 27KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 9KB - Virtual size: 27KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 12KB - Virtual size: 11KB