0ba8599a86948bb8b6803bbc65b59e93

Sharing

Copy URL

Twitter E-mail

General

Target

0ba8599a86948bb8b6803bbc65b59e93
Size

292KB
MD5

0ba8599a86948bb8b6803bbc65b59e93
SHA1

8e834997d27bf3190dcf7473c2796de502203869
SHA256

b0aca09d2ce9f00e90e53038f392ebdff0fe0fab4f26fa0f1373e6b319c23859
SHA512

09cbb1e8f720ba4ce14d928600206e6b0020ff47e72be42234d7b6620b1527e77c9a912d2f3f0ceca974b42fb96790efbc16a989d18fc82e97e372b4634ebde0
SSDEEP

6144:qoBD6iz9BBwwPCM9MeaOsCSP26Vh9BgODLlV98io3PXlB25LtP71cYUG/T:qoGTI33765BgCLl3u3PXTyZxcYH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ba8599a86948bb8b6803bbc65b59e93

Files

0ba8599a86948bb8b6803bbc65b59e93
.exe windows:4 windows x86 arch:x86

3d20420e5705618d788bddb43c714e96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetCurrentConsoleFont
FileTimeToSystemTime
SetUserGeoID
lstrcmpA
GetProcessWorkingSetSize
Thread32First
IsBadWritePtr
GetFullPathNameA
GetFileAttributesA
GetCurrentDirectoryA
GetCommandLineA
GetVersionExA
SetThreadLocale
GetThreadTimes
LocalCompact
WriteProcessMemory
GetStdHandle
GetThreadPriorityBoost
GetConsoleCP
SearchPathA
FlushFileBuffers
DuplicateConsoleHandle
UnlockFile
GetSystemWindowsDirectoryA
GetSystemDirectoryA
PurgeComm
LCMapStringA
ExitThread
GetStartupInfoA
WriteConsoleOutputA
SetCommMask
GetConsoleAliasExesLengthA
SetThreadPriorityBoost
GetCommandLineA
OpenEventA
FindAtomA
SetCalendarInfoA
ReadConsoleOutputAttribute
GetConsoleHardwareState
OpenSemaphoreA
EnumTimeFormatsA
WriteProfileSectionA
WriteConsoleA
GetDllDirectoryA
GetEnvironmentStringsA
GetTickCount
GetProcessHeaps
SetDefaultCommConfigA
GetThreadPriority
CreateFileMappingA
TransactNamedPipe
GetConsoleMode
GetConsoleOutputCP
GetTempPathA
UpdateResourceA
DeleteAtom
GetProcessPriorityBoost
OpenFileMappingA
GetComputerNameA
GlobalWire
GetUserGeoID
SleepEx
VerifyVersionInfoA
GetPrivateProfileSectionA
WaitNamedPipeA
lstrlenA
GetLogicalDrives
SetEnvironmentVariableA
GetFileTime
GetCPInfoExA
GetCommState
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetConsoleTitleA
VirtualProtect
GetCurrentProcess
VirtualAllocEx
GetFileAttributesExA
SetConsoleMenuClose
GetSystemTime
FileTimeToDosDateTime
HeapValidate
GetFileSizeEx
GetPrivateProfileIntA
RemoveDirectoryA
ReadConsoleOutputAttribute
IsSystemResumeAutomatic
RegisterWaitForSingleObject
ReadFileScatter
OpenMutexA
GetVersionExA
FindFirstFileExA
ReadConsoleOutputA
ReadFileEx
GetVersionExA
CloseHandle
GetConsoleFontInfo
GetProcessId
ExitProcess
GetPrivateProfileStringA
GetFileSize
OpenEventA
GetThreadPriorityBoost
AllocConsole
GetModuleFileNameA
GetCurrentThread
_llseek
FlushFileBuffers
IsBadStringPtrA
UpdateResourceA
GetConsoleCursorInfo
GetProcessShutdownParameters
GetDevicePowerState
_lcreat
SetFilePointer
EnumResourceTypesA
IsSystemResumeAutomatic
OpenFileMappingA
GetProcessPriorityBoost
FlushViewOfFile
SetDefaultCommConfigA
GetSystemDefaultLCID
EnumSystemLocalesA
DisconnectNamedPipe
EnumSystemLanguageGroupsA
TerminateJobObject
FileTimeToLocalFileTime
GetModuleHandleA
IsBadStringPtrA
GetVersionExA
DeleteTimerQueueEx
TerminateJobObject
GetTempPathA
lstrlen
GetConsoleMode
ClearCommBreak
GetConsoleAliasExesLengthW
MoveFileExA
OpenProfileUserMapping
QueueUserAPC
GlobalMemoryStatusEx
Module32Next
GetProcessHeap
WriteConsoleOutputAttribute
SetFilePointer
SetTimeZoneInformation
EscapeCommFunction
SignalObjectAndWait
SetEvent
ResumeThread
lstrcmpiA
GetCurrentThreadId
GlobalAlloc
EndUpdateResourceA
SetConsoleCP
SetLastError
GetDiskFreeSpaceA
OpenMutexA
GetSystemWindowsDirectoryA
GetDiskFreeSpaceA
GetConsoleCommandHistoryA
GetFileAttributesExA
SetSystemTimeAdjustment
WinExec
LocalAlloc
ReadConsoleA
IsBadStringPtrA
GetCalendarInfoA
GetModuleHandleA
GetTimeFormatA
GetModuleHandleA
SetConsoleCP
BuildCommDCBAndTimeoutsW
EnumSystemLanguageGroupsA
GetConsoleCommandHistoryLengthW
CreateSemaphoreA
IsBadReadPtr
lstrcatA

user32

CharPrevExA
LoadStringA
SubtractRect
RealChildWindowFromPoint
GetWindowThreadProcessId
GetProgmanWindow
CharLowerBuffW
EnumWindows
FindWindowExA
UpdateWindow
GetWindowTextA
ChangeDisplaySettingsExA
EnumChildWindows
CheckMenuRadioItem
FrameRect
SetFocus
IsCharAlphaNumericA
EnumDisplaySettingsExA
GetQueueStatus
GetTabbedTextExtentA
SetSystemMenu
SwapMouseButton
BroadcastSystemMessageExA
TranslateMessageEx
FreeDDElParam
ChangeDisplaySettingsA
CharPrevA
UnhookWindowsHookEx
DrawStateA
RemoveMenu
CreateCursor
RegisterClassExW
BroadcastSystemMessageExW
SendDlgItemMessageA
GetAltTabInfoA
GetWindowModuleFileNameA
ReasonCodeNeedsComment
SetLayeredWindowAttributes
GetMenuItemInfoA
GetUpdateRgn
GetAncestor
GetCursor
MapVirtualKeyExW
EnumWindows
LoadKeyboardLayoutA
FlashWindow
GetDlgCtrlID
GrayStringA
RegisterClassExW
LoadIconA
CharToOemBuffW
LoadCursorFromFileA
ClipCursor
GetAltTabInfoA
RedrawWindow
OemToCharA
ReleaseCapture
GetPropA
EnumPropsA
ToUnicodeEx
SetWindowsHookExA
MessageBoxTimeoutA
CreateIconFromResourceEx
GetWindowModuleFileNameA
CharPrevExA
CharNextExA
IsCharAlphaNumericW
SetPropA
InSendMessage
CharPrevExA
RegisterClassExW
EnumPropsA
OemKeyScan
LoadMenuIndirectA
DestroyMenu
SendNotifyMessageA
SendNotifyMessageA
IsCharAlphaNumericA
SetMenuItemBitmaps
CharToOemBuffW
GetClipCursor
GetTopWindow
UnionRect
GetNextDlgTabItem
CreateDesktopA
CountClipboardFormats
CreateSystemThreads

advapi32

DuplicateToken

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 180KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d20420e5705618d788bddb43c714e96

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.itext Size: - Virtual size: 3KB

.text Size: 180KB - Virtual size: 500KB

.idata Size: 92KB - Virtual size: 91KB

.rsrc Size: 16KB - Virtual size: 15KB

.itext
Size: - Virtual size: 3KB

.text
Size: 180KB - Virtual size: 500KB

.idata
Size: 92KB - Virtual size: 91KB

.rsrc
Size: 16KB - Virtual size: 15KB