0ba596412d279a8d354f4d6f430cd3d5

Sharing

Copy URL

Twitter E-mail

General

Target

0ba596412d279a8d354f4d6f430cd3d5
Size

386KB
MD5

0ba596412d279a8d354f4d6f430cd3d5
SHA1

7fa262c891b64bceeb06fa436d5f78de419c5b8c
SHA256

9f63fcf4cfca48cacf054d43fccdac302cbd1adbda45a7ec914b7fb0f50ff6f8
SHA512

8dac54e2bc5aa338600fc24d80d764e3c5974eaafdf6f0721e5af182aab044853bfeb2679302eec1b65b2044eb3bf0b4029bde54ec78f816975fc522e58a0cfd
SSDEEP

12288:waXUvaV6S9NjfAWfURLPnScRbQ1pOVmo:waXNV64NjfAeUYcopOQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ba596412d279a8d354f4d6f430cd3d5

Files

0ba596412d279a8d354f4d6f430cd3d5
.exe windows:4 windows x86 arch:x86

135cfcf22a639b7708fd10d1b7de8dab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClipboardViewer
DestroyIcon
CreateIconFromResourceEx
DefWindowProcA
GetFocus
DrawStateA
RegisterClassExA
GetWindowWord
EmptyClipboard
CharUpperW
SetMenuContextHelpId
SetDoubleClickTime
RegisterClassA
ShowWindow
DestroyWindow
DdeQueryStringA
SetMenuItemInfoA
EnumDisplaySettingsExW
SetWindowsHookExW
CallWindowProcW
CreateWindowExA
GetSubMenu
AppendMenuA
GetQueueStatus
MessageBoxW
SetMessageQueue
AttachThreadInput
ToAsciiEx
LoadAcceleratorsW
InternalGetWindowText
CreateAcceleratorTableA
IsWindowEnabled
CreateWindowStationW
CreateIconFromResource

kernel32

WriteConsoleA
VirtualAlloc
DeleteAtom
HeapReAlloc
GetAtomNameW
GetTimeZoneInformation
SetLastError
FlushFileBuffers
GetLastError
GetEnvironmentStringsW
WriteFile
GetTimeFormatA
MoveFileExW
GetConsoleScreenBufferInfo
GlobalGetAtomNameW
IsBadWritePtr
InterlockedIncrement
InitializeCriticalSection
GetACP
GetFileAttributesA
CreateToolhelp32Snapshot
IsBadReadPtr
DebugBreak
GetStdHandle
GetCommandLineA
MultiByteToWideChar
GetVersion
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetHandleCount
CreateDirectoryA
TlsAlloc
TlsFree
LoadLibraryA
LCMapStringW
CloseHandle
GetCPInfo
GetPrivateProfileSectionW
GetThreadSelectorEntry
GetWindowsDirectoryA
ReadConsoleInputW
UnhandledExceptionFilter
CompareStringW
SystemTimeToFileTime
GetCurrentThread
GetAtomNameA
DeleteCriticalSection
OutputDebugStringA
LCMapStringA
OpenProcess
WriteConsoleOutputAttribute
TerminateProcess
GetLocalTime
EnumSystemCodePagesW
GetModuleHandleW
GetTickCount
HeapFree
GetStringTypeW
FreeLibrary
VirtualFree
FreeLibraryAndExitThread
lstrcatA
QueryPerformanceCounter
InterlockedDecrement
RtlMoveMemory
GetModuleHandleA
GetCurrentProcessId
HeapDestroy
AllocConsole
GetNamedPipeInfo
SetConsoleCtrlHandler
CompareStringA
SetConsoleTitleW
WideCharToMultiByte
TlsSetValue
GetSystemDefaultLangID
GetStringTypeA
VirtualLock
GlobalSize
HeapCreate
WritePrivateProfileStructA
GetStartupInfoA
CreateMutexA
OpenMutexA
EnterCriticalSection
TlsGetValue
RtlUnwind
GetSystemTime
ExitProcess
SetEvent
GetCurrencyFormatW
EnumDateFormatsA
GetExitCodeProcess
lstrcpyA
FreeEnvironmentStringsA
LeaveCriticalSection
SetFilePointer
GetEnvironmentStrings
GetModuleFileNameA
SetStdHandle
GetCurrentThreadId
InterlockedExchange
GetOEMCP
EnumDateFormatsExA
GetFileType
CreateFileMappingA
VirtualQuery
GetSystemTimeAsFileTime
GetProcAddress
GetCurrentProcess
HeapValidate
GetStringTypeExA
CreatePipe
HeapAlloc
ReadFile

comctl32

ImageList_AddMasked
ImageList_GetIconSize
ImageList_Draw
ImageList_GetIcon
ImageList_DragLeave
ImageList_EndDrag
DrawStatusText
ImageList_Copy
DestroyPropertySheetPage
ImageList_Merge
ImageList_SetFilter
CreateStatusWindowA
ImageList_Add
DrawStatusTextA
DrawInsert
ImageList_BeginDrag
InitCommonControlsEx
ImageList_SetImageCount
InitMUILanguage
CreatePropertySheetPageW
ImageList_DragEnter
ImageList_Write
ImageList_GetBkColor

gdi32

StartDocA
EnumFontFamiliesExA
ArcTo
GetKerningPairs
CreatePen
GetCharABCWidthsA
CreateDIBSection
GetPaletteEntries
GetGlyphOutline
SetMetaFileBitsEx
GetPolyFillMode
SetWindowExtEx
OffsetClipRgn
GetClipBox
GetOutlineTextMetricsA
PlayEnhMetaFileRecord
EndDoc
Polyline
GetCharABCWidthsFloatW

advapi32

CryptEncrypt
RegCloseKey
RegLoadKeyA
CryptAcquireContextW
RegQueryValueW
LookupAccountNameW
CryptSignHashW
LookupPrivilegeDisplayNameA
RegCreateKeyA
RegOpenKeyA
CryptGetDefaultProviderW
LookupSecurityDescriptorPartsA
CryptDecrypt
CryptGetUserKey
RegEnumValueA
RegDeleteKeyW

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

135cfcf22a639b7708fd10d1b7de8dab

Headers

File Characteristics

Imports

user32

kernel32

comctl32

gdi32

advapi32

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 98KB - Virtual size: 97KB

.data Size: 96KB - Virtual size: 113KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 98KB - Virtual size: 97KB

.data
Size: 96KB - Virtual size: 113KB

.rsrc
Size: 29KB - Virtual size: 29KB