0b96ebc2f32aa30cb27fa1ad0b96ea11

Sharing

Copy URL

Twitter E-mail

General

Target

0b96ebc2f32aa30cb27fa1ad0b96ea11
Size

122KB
MD5

0b96ebc2f32aa30cb27fa1ad0b96ea11
SHA1

63f4de32b348c440a57e30f504edaaa84873de12
SHA256

75e7877487e78547f106d89ab346a25d749fd003d4a97c2db93a8c06f388922a
SHA512

f1ad835606518e0f6d71cb96688ba103bee0ee3abf8b7e1fde0c952f37f7b53a00fb91ba9286efb663a77e63da22548a75bc71b6829dad373fe365b1da412461
SSDEEP

3072:0cyxbI1B/B/bKbXWnXXNIbHwCT5KLGVgFG5Tc0nTXx:0c/sfHjKCVsG5TB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b96ebc2f32aa30cb27fa1ad0b96ea11

Files

0b96ebc2f32aa30cb27fa1ad0b96ea11
.exe windows:4 windows x86 arch:x86

4272981cd7cf28c7ea00414586fbfa95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetComputerNameA
LoadLibraryA
FreeLibrary
SetPriorityClass
RemoveDirectoryA
GetFullPathNameA
CreateDirectoryA
CopyFileA
GlobalFree
GlobalAlloc
GetCurrentThreadId
GetStartupInfoA
CreateFileMappingA
GetDiskFreeSpaceA
GlobalMemoryStatus
GetSystemInfo
GetTickCount
GetSystemDirectoryA
SetFileTime
CreateFileA
GetCurrentProcessId
GetStdHandle
MapViewOfFile
DeleteFileA
FreeResource
SizeofResource
LoadResource
FindResourceA
GetCommandLineA
SetErrorMode
GetModuleFileNameA
WriteFile
OpenProcess
TerminateProcess
GetExitCodeProcess
TerminateThread
ReadFile
Sleep
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
FindClose
GetLastError
FormatMessageA
GetModuleHandleA
UnmapViewOfFile
CreatePipe
GetCurrentProcess
DuplicateHandle
CloseHandle
CreateProcessA
GetWindowsDirectoryA
CreateSemaphoreA
GetVersionExA
HeapReAlloc
TlsSetValue
GetEnvironmentStrings
CompareStringW
CompareStringA
GetLocaleInfoW
GetLocaleInfoA
SetEndOfFile
SetEnvironmentVariableA
GetProcAddress
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
CreateThread
FreeEnvironmentStringsW
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetLastError
TlsAlloc
GetCPInfo
GetEnvironmentStringsW
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
GetFileType
SetHandleCount
SetFilePointer
GetCurrentDirectoryA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapCreate
ExitProcess
RtlUnwind
TlsGetValue
HeapFree
HeapAlloc
ResumeThread
GetSystemTime
ExitThread
GetTimeZoneInformation
MoveFileA
GetLocalTime
GetFileAttributesA
GetVersion

user32

IsWindow
MessageBoxA
SendMessageA
DefWindowProcA
PeekMessageA
UnhookWindowsHookEx
DestroyWindow
CallNextHookEx
PostThreadMessageA
CreateWindowExA
ExitWindowsEx
DispatchMessageA
GetMessageA
RegisterClassA
SetWindowsHookExA

gdi32

CreateDCA
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
GetDIBColorTable
DeleteObject
DeleteDC
GetDeviceCaps

wsock32

listen
WSAStartup
gethostbyname
htons
bind
sendto
recvfrom
connect
inet_ntoa
setsockopt
recv
send
WSAGetLastError
closesocket
socket
accept

mpr

WNetCloseEnum
WNetOpenEnumA
WNetEnumCachedPasswords
WNetAddConnectionA
WNetCancelConnectionA
WNetEnumResourceA

winmm

PlaySoundA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

svrapi

NetSessionEnum
NetShareEnum
NetShareDel
NetShareAdd

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
GetUserNameA

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4272981cd7cf28c7ea00414586fbfa95

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wsock32

mpr

winmm

avicap32

svrapi

advapi32

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 14KB - Virtual size: 42KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 10KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 14KB - Virtual size: 42KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 7KB - Virtual size: 6KB